<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-text-html" lang="x-unicode"> <font face="Courier
New, Courier, monospace">We have a few squid setups to handle
large number of /24 IP blocks.<br>
I want to know is there an easier configuration to do this as we
have to manually configure each conf file and can take a long
time plus the fact of human error. I am trying to reduce the
number of lines needed and make it a little more efficient.
Below is a snippet of a conf file. The bold text is what I am
trying to reduce.<br>
acl localnet src all<br>
<br>
acl SSL_ports port 443<br>
acl Safe_ports port 80 # http<br>
acl Safe_ports port 21 # ftp<br>
acl Safe_ports port 443 # https<br>
acl Safe_ports port 70 # gopher<br>
acl Safe_ports port 210 # wais<br>
acl Safe_ports port 1025-65535 # unregistered ports<br>
acl Safe_ports port 280 # http-mgmt<br>
acl Safe_ports port 488 # gss-http<br>
acl Safe_ports port 591 # filemaker<br>
acl Safe_ports port 777 # multiling http<br>
max_filedesc 65535<br>
<br>
acl CONNECT method CONNECT<br>
<br>
#http_access allow localnet<br>
#http_access allow all<br>
visible_hostname this.that.com<br>
<br>
auth_param basic program basic_ncsa_auth squid/etc/passwords<br>
auth_param basic realm proxy<br>
acl authenticated proxy_auth REQUIRED<br>
http_access allow authenticated<br>
###########################################################<br>
# Section: xxx.yyy.zzz.0 / 24<br>
###########################################################<br>
<b>http_port xxx.yyy.zzz.1:3128 name=1</b><b><br>
</b><b>acl 1 myportname 1 src all</b><b><br>
</b><b>http_access allow 1</b><b><br>
</b><b>tcp_outgoing_address xxx.yyy.zzz.1 1</b><b><br>
</b><b>http_port xxx.yyy.zzz.2:3128 name=2</b><b><br>
</b><b>acl 2 myportname 2 src all</b><b><br>
</b><b>http_access allow 2</b><b><br>
</b><b>tcp_outgoing_address xxx.yyy.zzz.2 2</b><b><br>
</b><b>http_port xxx.yyy.zzz.3:3128 name=3</b><b><br>
</b><b>acl 3 myportname 3 src all</b><b><br>
</b><b>http_access allow 3</b><b><br>
</b><b>tcp_outgoing_address xxx.yyy.zzz.3 3</b><b><br>
</b><b>http_port xxx.yyy.zzz.4:3128 name=4</b><b><br>
</b><b>acl 4 myportname 4 src all</b><b><br>
</b><b>http_access allow 4</b><b><br>
</b><b>tcp_outgoing_address xxx.yyy.zzz.4 4</b><b><br>
</b><b>http_port xxx.yyy.zzz.5:3128 name=5</b><b><br>
</b><b>acl 5 myportname 5 src all</b><b><br>
</b><b>http_access allow 5</b><b><br>
</b><b>tcp_outgoing_address xxx.yyy.zzz.5 5</b><br>
......<br>
<br>
......<br>
request_header_access Allow allow all <br>
request_header_access Authorization allow all <br>
request_header_access WWW-Authenticate allow all <br>
request_header_access Proxy-Authorization allow all <br>
request_header_access Proxy-Authenticate allow all <br>
request_header_access Cache-Control allow all <br>
request_header_access Content-Encoding allow all <br>
request_header_access Content-Length allow all <br>
request_header_access Content-Type allow all <br>
request_header_access Date allow all <br>
request_header_access Expires allow all <br>
request_header_access Host allow all <br>
request_header_access If-Modified-Since allow all <br>
request_header_access Last-Modified allow all <br>
request_header_access Location allow all <br>
request_header_access Pragma allow all <br>
request_header_access Accept allow all <br>
request_header_access Accept-Charset allow all <br>
request_header_access Accept-Encoding allow all <br>
request_header_access Accept-Language allow all <br>
request_header_access Content-Language allow all <br>
request_header_access Mime-Version allow all <br>
request_header_access Retry-After allow all <br>
request_header_access Title allow all <br>
request_header_access Connection allow all <br>
request_header_access Proxy-Connection allow all <br>
request_header_access User-Agent allow all <br>
request_header_access Cookie allow all <br>
request_header_access All deny all <br>
<br>
# Leave coredumps in the first cache dir<br>
coredump_dir /var/spool/squid<br>
<br>
#<br>
# Add any of your own refresh_pattern entries above these.<br>
#<br>
refresh_pattern ^ftp: 1440 20% 10080<br>
refresh_pattern ^gopher: 1440 0% 1440<br>
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0<br>
refresh_pattern . 0 20% 4320 <br>
</font> </div>
<pre class="moz-signature" cols="72">
</pre>
</body>
</html>