41 lines
1.6 KiB
Diff
41 lines
1.6 KiB
Diff
diff -Nru squid-3.0.STABLE15.orig/src/cf.data.pre squid-3.0.STABLE15/src/cf.data.pre
|
|
--- squid-3.0.STABLE15.orig/src/cf.data.pre 2009-05-06 13:11:41.000000000 +0200
|
|
+++ squid-3.0.STABLE15/src/cf.data.pre 2009-05-18 17:13:37.000000000 +0200
|
|
@@ -123,7 +123,7 @@
|
|
If you want to use the traditional NCSA proxy authentication, set
|
|
this line to something like
|
|
|
|
- auth_param basic program @DEFAULT_PREFIX@/libexec/ncsa_auth @DEFAULT_PREFIX@/etc/passwd
|
|
+ auth_param basic program @DEFAULT_PREFIX@/libexec/ncsa_auth /etc/passwd
|
|
|
|
"children" numberofchildren
|
|
The number of authenticator processes to spawn. If you start too few
|
|
@@ -185,7 +185,7 @@
|
|
If you want to use a digest authenticator, set this line to
|
|
something like
|
|
|
|
- auth_param digest program @DEFAULT_PREFIX@/bin/digest_pw_auth @DEFAULT_PREFIX@/etc/digpass
|
|
+ auth_param digest program @DEFAULT_PREFIX@/bin/digest_pw_auth /etc/digpass
|
|
|
|
"children" numberofchildren
|
|
The number of authenticator processes to spawn (no default).
|
|
@@ -630,6 +630,9 @@
|
|
|
|
NOCOMMENT_START
|
|
#Recommended minimum configuration:
|
|
+acl password proxy_auth REQUIRED
|
|
+acl all src 0.0.0.0/0.0.0.0
|
|
+acl lan src 127.0.0.1/255.255.255.255 # <insert the local network here>
|
|
acl manager proto cache_object
|
|
acl localhost src 127.0.0.1/32
|
|
acl to_localhost dst 127.0.0.0/8
|
|
@@ -685,6 +688,8 @@
|
|
# Only allow cachemgr access from localhost
|
|
http_access allow manager localhost
|
|
http_access deny manager
|
|
+http_access deny !lan !localhost
|
|
+http_access allow password
|
|
# Deny requests to unknown ports
|
|
http_access deny !Safe_ports
|
|
# Deny CONNECT to other than SSL ports
|