A fully functional Squid configuration file on Linux

Article Title: a fully functional Squid configuration file on Linux. Linux is a technology channel of the IT lab in China. Including desktop applications, Linux system management, kernel research, embedded systems, open source, and other basic categories, a fully functional squi configuration file
　
# User Authentication
　
Auth_param basic program/usr/lib/squid/ncsa_auth/etc/squid/password
　
Auth_param basic children 5
　
Auth_param basic realm Squid proxy-caching web server
　
Auth_param basic credentialsttl 1 hours
　
Auth_param basic casesensitive off
　
Acl all src 0.0.0.0/0.0.0.0
　
Acl manager proto cache_object
　
Acl localhost src 127.0.0.1/255.255.255.255
　
Acl to_localhost dst 127.0.0.0/8
　
Acl SSL_ports port 443
　
Acl Safe_ports port 80 # http
　
Acl Safe_ports port 21 # ftp
　
Acl Safe_ports port 443 # https
　
Acl Safe_ports port 70 # gopher
　
Acl Safe_ports port 210 # wais
　
Acl Safe_ports port 1025-65535 # unregistered ports
　
Acl Safe_ports port 280 # http-mgmt
　
Acl Safe_ports port 488 # gss-http
　
Acl Safe_ports port 591 # filemaker
　
Acl Safe_ports port 777 # multiling http
　
Acl CONNECT method CONNECT
　
Http_access allow manager localhost
　
Http_access deny manager
　
Http_access deny! Safe_ports
　
Http_access deny CONNECT! SSL_ports
　
# Users in this section can access the Internet
　
Acl our_networks src 192.168.1.0/24 192.168.2.0/24
　
Http_access deny! Our_networks
　
# Binding mac and ip addresses
　
Acl userip src 192.168.1.3
　
Acl usermac arp 00: 0C: 29: 4E: F5: 92
　
Http_access deny usermac! Userip
　
Http_access deny! Usermac userip
　
Http_access allow localhost
　
# Each person's connection is limited to one
　
Acl onlyone maxconn 2
　
Http_access deny onlyone
　
# A user can only log on to the proxy server from one ip Address
　
Acl perip max_user_ip-s 1
　
Http_access allow perip
　
# Blocking URLs starting with certain keywords
　
Acl badhead dstdom_regex-I ^ news ^ game ^ pic ^ xxx
　
Http_access deny badhead
　
# Blocking websites with certain key points
　
Acl badurl urlpath_regex-I news game pic sex mp3 xxx
　
Http_access deny badurl
　
# Blocking specific websites
　
Acl badsite url_regex-I www.msn.com www.xxx.com xxx.com
　
Http_access deny badsite
　
# Prohibiting download of certain types of files
　
Acl badfile url_regex-I \. mp3 $ \. vbs $ \. rmvb $ \. rm \. exe $ \. mpg $ \. mpeg $
　
Http_access deny badfile
　
# Authorizing users to access the web
　
Acl userauth proxy_auth REQUIRED
　
Http_access allow userauth
　
# Connection rejected by other users
　
Http_access deny all
　
Icp_access allow all
　
Log_uses_indirect_client on
　
Http_port 3128
　
Hierarchy_stoplist cgi-bin?
　
Acl QUERY urlpath_regex cgi-bin \?
　
Cache deny QUERY
　
Cache_mem 16 MB
　
Cache_dir ufs/var/spool/squid 100 16 256
　
Access_log/var/log/squid/access. log squid
　
Mime_table/etc/squid/mime. conf
　
Pid_filename/var/run/squid. pid
　
Ftp_telnet_protocol on
　
Refresh_pattern ^ ftp: 1440 20% 10080
　
Refresh_pattern ^ gopher: 1440 0% 1440
　
Refresh_pattern. 0 20% 4320
　
Acl apache rep_header Server ^ Apache
　
Broken_vary_encoding allow apache
　
Half_closed_clients on
　
Cache_mgr root@lrq.com
　
Mail_program mail
　
Cache_inclutive_user squid
　
Cache_paitive_group squid
　
Visible_hostname fc8.lrq.com
　
Delay_pools 1
　
Error_directory/usr/share/squid/errors/Simplify_Chinese
　
Check_hostnames on
　
Dns_timeout 2 minutes
　
Dns_nameservers 192.168.1.254 202.96.134.small
　
Fqdncache_size 1024
　
Forwarded_for on
　
Client_db on
　
Uri_whitespace strip
　
Coredump_dir/var/spool/squid