committing changes in /etc made by "-bash"
Package changes:
This commit is contained in:
56
.etckeeper
56
.etckeeper
@@ -1061,23 +1061,23 @@ maybe chmod 0755 'issue.d'
|
||||
maybe chmod 0640 'issue.net'
|
||||
maybe chmod 0755 'java'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/calendars.properties'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/logging.properties'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/blacklisted.certs'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/java.policy'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/java.security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/nss.cfg'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/nss.fips.cfg'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy/limited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy/limited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy/limited/local_policy.jar'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy/unlimited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy/unlimited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/lib/security/policy/unlimited/local_policy.jar'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/calendars.properties'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/logging.properties'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/blacklisted.certs'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/java.policy'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/java.security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/nss.cfg'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/nss.fips.cfg'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy/limited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy/limited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy/limited/local_policy.jar'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy/unlimited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy/unlimited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/lib/security/policy/unlimited/local_policy.jar'
|
||||
maybe chmod 0755 'java/security'
|
||||
maybe chmod 0755 'java/security/security.d'
|
||||
maybe chmod 0755 'jvm'
|
||||
@@ -4058,6 +4058,16 @@ maybe chgrp 'mock' 'mock/eol/fedora-36-s390x.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-36-s390x.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/fedora-36-x86_64.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-36-x86_64.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/fedora-37-aarch64.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-37-aarch64.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/fedora-37-i386.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-37-i386.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/fedora-37-ppc64le.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-37-ppc64le.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/fedora-37-s390x.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-37-s390x.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/fedora-37-x86_64.cfg'
|
||||
maybe chmod 0644 'mock/eol/fedora-37-x86_64.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/mageia-6-armv5tl.cfg'
|
||||
maybe chmod 0644 'mock/eol/mageia-6-armv5tl.cfg'
|
||||
maybe chgrp 'mock' 'mock/eol/mageia-6-armv7hl.cfg'
|
||||
@@ -4129,16 +4139,6 @@ maybe chgrp 'mock' 'mock/eurolinux-9-i686.cfg'
|
||||
maybe chmod 0644 'mock/eurolinux-9-i686.cfg'
|
||||
maybe chgrp 'mock' 'mock/eurolinux-9-x86_64.cfg'
|
||||
maybe chmod 0644 'mock/eurolinux-9-x86_64.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-37-aarch64.cfg'
|
||||
maybe chmod 0644 'mock/fedora-37-aarch64.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-37-i386.cfg'
|
||||
maybe chmod 0644 'mock/fedora-37-i386.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-37-ppc64le.cfg'
|
||||
maybe chmod 0644 'mock/fedora-37-ppc64le.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-37-s390x.cfg'
|
||||
maybe chmod 0644 'mock/fedora-37-s390x.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-37-x86_64.cfg'
|
||||
maybe chmod 0644 'mock/fedora-37-x86_64.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-38-aarch64.cfg'
|
||||
maybe chmod 0644 'mock/fedora-38-aarch64.cfg'
|
||||
maybe chgrp 'mock' 'mock/fedora-38-i386.cfg'
|
||||
@@ -6081,6 +6081,8 @@ maybe chmod 0640 'squid/passwords'
|
||||
maybe chgrp 'squid' 'squid/squid.conf'
|
||||
maybe chmod 0640 'squid/squid.conf'
|
||||
maybe chmod 0644 'squid/squid.conf.default'
|
||||
maybe chgrp 'squid' 'squid/squid.conf.rpmnew'
|
||||
maybe chmod 0640 'squid/squid.conf.rpmnew'
|
||||
maybe chmod 0640 'squid/userip.conf'
|
||||
maybe chmod 0755 'ssh'
|
||||
maybe chmod 0644 'ssh/moduli'
|
||||
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/alt-java
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/alt-java
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/alt-java-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/alt-java-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/java
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/java
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/java-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/java-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/jjs
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/jjs
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/jjs-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/jjs-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64
|
||||
/usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/keytool
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/keytool
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/keytool-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/keytool-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/orbd
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/orbd
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/orbd-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/orbd-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/pack200
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/pack200
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/pack200-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/pack200-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/policytool
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/policytool
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/policytool-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/policytool-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/rmid
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/rmid
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/rmid-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/rmid-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/rmiregistry
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/rmiregistry
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/rmiregistry-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/rmiregistry-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/servertool
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/servertool
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/servertool-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/servertool-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/tnameserv
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/tnameserv
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/tnameserv-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/tnameserv-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64/jre/bin/unpack200
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64/jre/bin/unpack200
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/unpack200-java-1.8.0-openjdk-1.8.0.392.b08-4.el8.x86_64.1.gz
|
||||
/usr/share/man/man1/unpack200-java-1.8.0-openjdk-1.8.0.402.b06-2.el8.x86_64.1.gz
|
||||
@@ -14,6 +14,7 @@ config_opts['bootstrap_image'] = 'registry.fedoraproject.org/fedora:{{ releaseve
|
||||
config_opts['dnf.conf'] = """
|
||||
[main]
|
||||
keepcache=1
|
||||
system_cachedir=/var/cache/dnf
|
||||
debuglevel=2
|
||||
reposdir=/dev/null
|
||||
logfile=/var/log/yum.log
|
||||
|
||||
@@ -23,6 +23,7 @@ config_opts['description'] = 'Fedora Rawhide'
|
||||
config_opts['dnf.conf'] = """
|
||||
[main]
|
||||
keepcache=1
|
||||
system_cachedir=/var/cache/dnf
|
||||
debuglevel=2
|
||||
reposdir=/dev/null
|
||||
logfile=/var/log/yum.log
|
||||
|
||||
@@ -167,6 +167,7 @@ rbl {
|
||||
|
||||
RSPAMD_EMAILBL {
|
||||
ignore_whitelist = true;
|
||||
ignore_url_whitelist = true;
|
||||
ignore_defaults = true;
|
||||
exclude_users = false;
|
||||
emails_delimiter = ".";
|
||||
@@ -182,6 +183,7 @@ rbl {
|
||||
|
||||
MSBL_EBL {
|
||||
ignore_whitelist = true;
|
||||
ignore_url_whitelist = true;
|
||||
ignore_defaults = true;
|
||||
exclude_users = false;
|
||||
rbl = "ebl.msbl.org";
|
||||
|
||||
@@ -66,7 +66,7 @@ worker "rspamd_proxy" {
|
||||
|
||||
worker "fuzzy" {
|
||||
bind_socket = "localhost:11335";
|
||||
count = -1; # Disable by default
|
||||
count = -1; # Disable by default, see #4677 for details
|
||||
.include "$CONFDIR/worker-fuzzy.inc"
|
||||
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-fuzzy.inc"
|
||||
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-fuzzy.inc"
|
||||
|
||||
@@ -1 +1 @@
|
||||
da21fddcacbf8f3ec089e14164092f9fc387952f306da7cb453df6b823b94227ab2d5d5605d49e25350050f62133f9c09fd30eef16a837456b0b59b8c4f6873b
|
||||
74568de21cee2c805e95bec3f792112650c5c8691323475260068f9bb79bb41952a3d6835ee42584446c1c6d55bf41448475141a64a74f62b12e6a66dac14ac5
|
||||
|
||||
Binary file not shown.
@@ -73,7 +73,7 @@ p {
|
||||
pre {
|
||||
}
|
||||
|
||||
/* special event: FTP / Gopher directory listing */
|
||||
/* special event: FTP directory listing */
|
||||
#dirmsg {
|
||||
font-family: courier, monospace;
|
||||
color: black;
|
||||
|
||||
@@ -73,7 +73,7 @@ p {
|
||||
pre {
|
||||
}
|
||||
|
||||
/* special event: FTP / Gopher directory listing */
|
||||
/* special event: FTP directory listing */
|
||||
#dirmsg {
|
||||
font-family: courier, monospace;
|
||||
color: black;
|
||||
|
||||
@@ -18,7 +18,6 @@ acl SSL_ports port 443
|
||||
acl Safe_ports port 80 # http
|
||||
acl Safe_ports port 21 # ftp
|
||||
acl Safe_ports port 443 # https
|
||||
acl Safe_ports port 70 # gopher
|
||||
acl Safe_ports port 210 # wais
|
||||
acl Safe_ports port 1025-65535 # unregistered ports
|
||||
acl Safe_ports port 280 # http-mgmt
|
||||
@@ -71,6 +70,5 @@ coredump_dir /var/spool/squid
|
||||
# Add any of your own refresh_pattern entries above these.
|
||||
#
|
||||
refresh_pattern ^ftp: 1440 20% 10080
|
||||
refresh_pattern ^gopher: 1440 0% 1440
|
||||
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
|
||||
refresh_pattern . 0 20% 4320
|
||||
|
||||
74
squid/squid.conf.rpmnew
Normal file
74
squid/squid.conf.rpmnew
Normal file
@@ -0,0 +1,74 @@
|
||||
#
|
||||
# Recommended minimum configuration:
|
||||
#
|
||||
|
||||
# Example rule allowing access from your local networks.
|
||||
# Adapt to list your (internal) IP networks from where browsing
|
||||
# should be allowed
|
||||
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
|
||||
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
|
||||
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
|
||||
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
|
||||
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
|
||||
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
|
||||
acl localnet src fc00::/7 # RFC 4193 local private network range
|
||||
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
|
||||
|
||||
acl SSL_ports port 443
|
||||
acl Safe_ports port 80 # http
|
||||
acl Safe_ports port 21 # ftp
|
||||
acl Safe_ports port 443 # https
|
||||
acl Safe_ports port 210 # wais
|
||||
acl Safe_ports port 1025-65535 # unregistered ports
|
||||
acl Safe_ports port 280 # http-mgmt
|
||||
acl Safe_ports port 488 # gss-http
|
||||
acl Safe_ports port 591 # filemaker
|
||||
acl Safe_ports port 777 # multiling http
|
||||
acl CONNECT method CONNECT
|
||||
|
||||
#
|
||||
# Recommended minimum Access Permission configuration:
|
||||
#
|
||||
# Deny requests to certain unsafe ports
|
||||
http_access deny !Safe_ports
|
||||
|
||||
# Deny CONNECT to other than secure SSL ports
|
||||
http_access deny CONNECT !SSL_ports
|
||||
|
||||
# Only allow cachemgr access from localhost
|
||||
http_access allow localhost manager
|
||||
http_access deny manager
|
||||
|
||||
# We strongly recommend the following be uncommented to protect innocent
|
||||
# web applications running on the proxy server who think the only
|
||||
# one who can access services on "localhost" is a local user
|
||||
#http_access deny to_localhost
|
||||
|
||||
#
|
||||
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
|
||||
#
|
||||
|
||||
# Example rule allowing access from your local networks.
|
||||
# Adapt localnet in the ACL section to list your (internal) IP networks
|
||||
# from where browsing should be allowed
|
||||
http_access allow localnet
|
||||
http_access allow localhost
|
||||
|
||||
# And finally deny all other access to this proxy
|
||||
http_access deny all
|
||||
|
||||
# Squid normally listens to port 3128
|
||||
http_port 3128
|
||||
|
||||
# Uncomment and adjust the following to add a disk cache directory.
|
||||
#cache_dir ufs /var/spool/squid 100 16 256
|
||||
|
||||
# Leave coredumps in the first cache dir
|
||||
coredump_dir /var/spool/squid
|
||||
|
||||
#
|
||||
# Add any of your own refresh_pattern entries above these.
|
||||
#
|
||||
refresh_pattern ^ftp: 1440 20% 10080
|
||||
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
|
||||
refresh_pattern . 0 20% 4320
|
||||
Reference in New Issue
Block a user