add etables, finetune squid package, more busybox finetuning

author: Waldemar Brodkorb <wbx@openadk.org> 2009-11-29 12:46:11 +0100
committer: Waldemar Brodkorb <wbx@openadk.org> 2009-11-29 12:46:11 +0100
commit: d89c077bd8905bdd079d69b11bedc1eb440067b9 (patch)
tree: 2c7bd2a8b642bd1ba0383adc4259bfe53b8515ec /package/squid/files
parent: 706b94b351d574c66f9a6142f5bcae33a98274f3 (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/package/squid/files/squid.conf b/package/squid/files/squid.conf
new file mode 100644
index 000000000..86ffa60c7
--- /dev/null
+++ b/package/squid/files/squid.conf
@@ -0,0 +1,27 @@
+visible_hostname linux
+http_port 3128
+# acl
+acl manager proto cache_object
+acl localhost src 127.0.0.1/32
+acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
+acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
+acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
+acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
+acl SSL_ports port 443
+acl Safe_ports port 80		# http
+acl Safe_ports port 21		# ftp
+acl Safe_ports port 443		# https
+acl Safe_ports port 70		# gopher
+acl Safe_ports port 210		# wais
+acl Safe_ports port 1025-65535	# unregistered ports
+acl Safe_ports port 280		# http-mgmt
+acl Safe_ports port 488		# gss-http
+acl Safe_ports port 591		# filemaker
+acl Safe_ports port 777		# multiling http
+acl CONNECT method CONNECT
+http_access allow manager localhost
+http_access deny manager
+http_access deny !Safe_ports
+http_access deny CONNECT !SSL_ports
+http_access allow localnet
+http_access deny all
author	Waldemar Brodkorb <wbx@openadk.org>	2009-11-29 12:46:11 +0100
committer	Waldemar Brodkorb <wbx@openadk.org>	2009-11-29 12:46:11 +0100
commit	d89c077bd8905bdd079d69b11bedc1eb440067b9 (patch)
tree	2c7bd2a8b642bd1ba0383adc4259bfe53b8515ec /package/squid/files
parent	706b94b351d574c66f9a6142f5bcae33a98274f3 (diff)