-# Do not modify '/var/ipcop/proxy/squid.conf' directly since any changes
-# you make will be overwritten whenever you resave proxy settings using the
-# web interface! Instead, modify the file '/var/ipcop/proxy/acl' and then
-# restart squid using the web interface. Changes made to the 'acl' file
-# will propagate to the 'squid.conf' file at that time.
-# [Scott Tregear, 22 Feb 2005]
-
-# Uncomment the following line to enable logging of User-Agent header:
-#useragent_log /var/log/squid/user_agent.log
-
-# Uncomment the following line to enable logging of Referer header:
-#referer_log /var/log/squid/referer.log
-
-acl all src 0.0.0.0/0.0.0.0
-acl localhost src 127.0.0.1/255.255.255.255
-acl SSL_ports port 443 563
-acl Safe_ports port 80 # http
-acl Safe_ports port 21 # ftp
-acl Safe_ports port 443 563 # https, snews
-acl Safe_ports port 70 # gopher
-acl Safe_ports port 210 # wais
-acl Safe_ports port 1025-65535 # unregistered ports
-acl Safe_ports port 280 # http-mgmt
-acl Safe_ports port 488 # gss-http
-acl Safe_ports port 591 # filemaker
-acl Safe_ports port 777 # multiling http
-acl Safe_ports port __PROXY_PORT__ # Squid port (for icons)
-
-acl IPCop_http port 81
-acl IPCop_https port 445
-acl IPCop_ips dst __GREEN_IP__ __BLUE_IP__
-acl IPCop_networks src __GREEN_NET__ __BLUE_NET__
-acl CONNECT method CONNECT
-
-##Access to squid:
-#local machine, no restriction
-http_access allow localhost
-
-#GUI admin if local machine connects
-http_access allow IPCop_ips IPCop_networks IPCop_http
-http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https
-
-#Deny not web services
-http_access deny !Safe_ports
-http_access deny CONNECT !SSL_ports
-
-#Finally allow IPCop_networks clients
-http_access allow IPCop_networks
-http_access deny all
+# Do not modify '/var/ipcop/proxy/squid.conf' directly since any changes\r
+# you make will be overwritten whenever you resave proxy settings using the\r
+# web interface! Instead, modify the file '/var/ipcop/proxy/acl' and then\r
+# restart squid using the web interface. Changes made to the 'acl' file\r
+# will propagate to the 'squid.conf' file at that time.\r
+# [Scott Tregear, 22 Feb 2005]\r
+\r
+# Uncomment the following line to enable logging of User-Agent header:\r
+#useragent_log /var/log/squid/user_agent.log\r
+\r
+# Uncomment the following line to enable logging of Referer header:\r
+#referer_log /var/log/squid/referer.log\r
+\r
+acl all src 0.0.0.0/0.0.0.0\r
+acl localhost src 127.0.0.1/255.255.255.255\r
+acl SSL_ports port 443 563 \r
+acl Safe_ports port 80 # http \r
+acl Safe_ports port 21 # ftp \r
+acl Safe_ports port 443 563 # https, snews \r
+acl Safe_ports port 70 # gopher \r
+acl Safe_ports port 210 # wais \r
+acl Safe_ports port 1025-65535 # unregistered ports \r
+acl Safe_ports port 280 # http-mgmt \r
+acl Safe_ports port 488 # gss-http \r
+acl Safe_ports port 591 # filemaker \r
+acl Safe_ports port 777 # multiling http \r
+acl Safe_ports port __PROXY_PORT__ # Squid port (for icons) \r
+\r
+acl IPCop_http port 81\r
+acl IPCop_https port 444\r
+acl IPCop_ips dst __GREEN_IP__ __BLUE_IP__\r
+acl IPCop_networks src __GREEN_NET__ __BLUE_NET__\r
+acl CONNECT method CONNECT \r
+\r
+##Access to squid:\r
+#local machine, no restriction\r
+http_access allow localhost\r
+\r
+#GUI admin if local machine connects\r
+http_access allow IPCop_ips IPCop_networks IPCop_http\r
+http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https\r
+\r
+#Deny not web services\r
+http_access deny !Safe_ports\r
+http_access deny CONNECT !SSL_ports\r
+\r
+#Finally allow IPCop_networks clients\r
+http_access allow IPCop_networks\r
+http_access deny all\r
-##
-## httpd.conf -- Apache HTTP server configuration file
-##
-## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $
-##
-ServerType standalone
-ServerRoot /etc/httpd
-
-LockFile /var/lock/httpd.lock
-PidFile /var/run/httpd.pid
-ScoreBoardFile /var/run/httpd.scoreboard
-Timeout 900
-KeepAlive On
-MaxKeepAliveRequests 100
-KeepAliveTimeout 15
-MinSpareServers 1
-MaxSpareServers 2
-StartServers 2
-MaxClients 10
-MaxRequestsPerChild 100
-Port 81
-Listen 81
-Listen 445
-User nobody
-Group nobody
-ServerAdmin root@localhost
-ServerTokens Prod
-DocumentRoot /home/httpd/html
-# Limit track/trace requests
-RewriteEngine on
-RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
-RewriteRule .* - [F]
-
-<Directory />
- Options None
- AllowOverride None
-</Directory>
-<Directory /home/httpd/html>
- Options ExecCGI
- AllowOverride None
- Order allow,deny
- Allow from all
-</Directory>
-<DirectoryMatch "/home/httpd/html/(graphs|sgraph)">
- AuthName "Restricted"
- AuthType Basic
- AuthUserFile CONFIG_ROOT/auth/users
- require user admin
-</DirectoryMatch>
-ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
-<Directory /home/httpd/cgi-bin>
- AllowOverride None
- Options None
- AuthName "Restricted"
- AuthType Basic
- AuthUserFile CONFIG_ROOT/auth/users
- Require user admin
- <Files index.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files credits.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files dial.cgi>
- Require user admin dial
- </Files>
-</Directory>
-<IfModule mod_dir.c>
- DirectoryIndex index.html index.htm index.shtml index.cgi
-</IfModule>
-AccessFileName .htaccess
-<Files ~ "^\.ht">
- Order allow,deny
- Deny from all
-</Files>
-<IfModule mod_mime.c>
- TypesConfig /etc/mime.types
-</IfModule>
-DefaultType text/plain
-
-HostnameLookups Off
-ErrorLog /var/log/httpd/error_log
-LogLevel warn
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
-CustomLog /var/log/httpd/access_log common
-ServerSignature Off
-AddHandler cgi-script .cgi
-<IfModule mod_setenvif.c>
- BrowserMatch "Mozilla/2" nokeepalive
- BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
- BrowserMatch "RealPlayer 4\.0" force-response-1.0
- BrowserMatch "Java/1\.0" force-response-1.0
- BrowserMatch "JDK/1\.0" force-response-1.0
-</IfModule>
-
-###
-### SSL Configuration
-###
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-SSLPassPhraseDialog builtin
-SSLSessionCache dbm:/var/log/httpd/ssl_scache
-SSLSessionCacheTimeout 900
-SSLMutex file:/var/log/httpd/ssl_mutex
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-SSLLog /var/log/httpd/ssl_engine_log
-SSLLogLevel info
-
-<VirtualHost _default_:445>
- RewriteEngine on
- RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
- RewriteRule .* - [F]
- DocumentRoot /home/httpd/html
- ServerAdmin root@localhost
- ErrorLog /var/log/httpd/error_log
- TransferLog /var/log/httpd/access_log
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
- SSLCertificateFile /etc/httpd/server.crt
- SSLCertificateKeyFile /etc/httpd/server.key
- <Files ~ "\.(cgi|shtml?)$">
- SSLOptions +StdEnvVars
- </Files>
- <Directory /home/httpd/cgi-bin>
- SSLOptions +StdEnvVars
- </Directory>
- SetEnv HOME /home/nobody
- SetEnvIf User-Agent ".*MSIE.*" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- CustomLog /var/log/httpd/ssl_request_log \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-</VirtualHost>
-
-<Directory /home/httpd/html/backup>
- Options None
- AllowOverride None
- AuthName "Restricted"
- AuthType Basic
- AuthUserFile /var/ipcop/auth/users
- require user admin
-</Directory>
-
-include /etc/httpd/conf/hostname.conf
+##\r
+## httpd.conf -- Apache HTTP server configuration file\r
+##\r
+## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $\r
+##\r
+ServerType standalone\r
+ServerRoot /etc/httpd\r
+\r
+LockFile /var/lock/httpd.lock\r
+PidFile /var/run/httpd.pid\r
+ScoreBoardFile /var/run/httpd.scoreboard\r
+Timeout 900\r
+KeepAlive On\r
+MaxKeepAliveRequests 100\r
+KeepAliveTimeout 15\r
+MinSpareServers 1\r
+MaxSpareServers 2\r
+StartServers 2\r
+MaxClients 10\r
+MaxRequestsPerChild 100\r
+Port 81\r
+Listen 81\r
+Listen 444\r
+User nobody\r
+Group nobody\r
+ServerAdmin root@localhost\r
+ServerTokens Prod\r
+DocumentRoot /home/httpd/html\r
+# Limit track/trace requests\r
+RewriteEngine on\r
+RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)\r
+RewriteRule .* - [F]\r
+\r
+<Directory />\r
+ Options None\r
+ AllowOverride None\r
+</Directory>\r
+<Directory /home/httpd/html>\r
+ Options ExecCGI\r
+ AllowOverride None\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+<DirectoryMatch "/home/httpd/html/(graphs|sgraph)">\r
+ AuthName "Restricted"\r
+ AuthType Basic\r
+ AuthUserFile CONFIG_ROOT/auth/users\r
+ require user admin\r
+</DirectoryMatch>\r
+ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/\r
+<Directory /home/httpd/cgi-bin>\r
+ AllowOverride None\r
+ Options None\r
+ AuthName "Restricted"\r
+ AuthType Basic\r
+ AuthUserFile CONFIG_ROOT/auth/users\r
+ Require user admin\r
+ <Files index.cgi>\r
+ Satisfy Any\r
+ Allow from All\r
+ </Files>\r
+ <Files credits.cgi>\r
+ Satisfy Any\r
+ Allow from All\r
+ </Files>\r
+ <Files dial.cgi>\r
+ Require user admin dial\r
+ </Files>\r
+</Directory>\r
+<IfModule mod_dir.c>\r
+ DirectoryIndex index.html index.htm index.shtml index.cgi\r
+</IfModule>\r
+AccessFileName .htaccess\r
+<Files ~ "^\.ht">\r
+ Order allow,deny\r
+ Deny from all\r
+</Files>\r
+<IfModule mod_mime.c>\r
+ TypesConfig /etc/mime.types\r
+</IfModule>\r
+DefaultType text/plain\r
+\r
+HostnameLookups Off\r
+ErrorLog /var/log/httpd/error_log\r
+LogLevel warn\r
+LogFormat "%h %l %u %t \"%r\" %>s %b" common\r
+CustomLog /var/log/httpd/access_log common\r
+ServerSignature Off\r
+AddHandler cgi-script .cgi\r
+<IfModule mod_setenvif.c>\r
+ BrowserMatch "Mozilla/2" nokeepalive\r
+ BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0\r
+ BrowserMatch "RealPlayer 4\.0" force-response-1.0\r
+ BrowserMatch "Java/1\.0" force-response-1.0\r
+ BrowserMatch "JDK/1\.0" force-response-1.0\r
+</IfModule>\r
+\r
+###\r
+### SSL Configuration\r
+###\r
+AddType application/x-x509-ca-cert .crt\r
+AddType application/x-pkcs7-crl .crl\r
+\r
+SSLPassPhraseDialog builtin\r
+SSLSessionCache dbm:/var/log/httpd/ssl_scache\r
+SSLSessionCacheTimeout 900\r
+SSLMutex file:/var/log/httpd/ssl_mutex\r
+SSLRandomSeed startup builtin\r
+SSLRandomSeed connect builtin\r
+SSLLog /var/log/httpd/ssl_engine_log\r
+SSLLogLevel info\r
+\r
+<VirtualHost _default_:444>\r
+ RewriteEngine on\r
+ RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)\r
+ RewriteRule .* - [F]\r
+ DocumentRoot /home/httpd/html\r
+ ServerAdmin root@localhost\r
+ ErrorLog /var/log/httpd/error_log\r
+ TransferLog /var/log/httpd/access_log\r
+ SSLEngine on\r
+ SSLProtocol all -SSLv2\r
+ SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP\r
+ SSLCertificateFile /etc/httpd/server.crt\r
+ SSLCertificateKeyFile /etc/httpd/server.key\r
+ <Files ~ "\.(cgi|shtml?)$">\r
+ SSLOptions +StdEnvVars\r
+ </Files>\r
+ <Directory /home/httpd/cgi-bin>\r
+ SSLOptions +StdEnvVars\r
+ </Directory>\r
+ SetEnv HOME /home/nobody\r
+ SetEnvIf User-Agent ".*MSIE.*" \\r
+ nokeepalive ssl-unclean-shutdown \\r
+ downgrade-1.0 force-response-1.0\r
+ CustomLog /var/log/httpd/ssl_request_log \\r
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"\r
+</VirtualHost>\r
+\r
+<Directory /home/httpd/html/backup>\r
+ Options None\r
+ AllowOverride None\r
+ AuthName "Restricted"\r
+ AuthType Basic\r
+ AuthUserFile /var/ipcop/auth/users\r
+ require user admin\r
+</Directory>\r
+\r
+include /etc/httpd/conf/hostname.conf\r
projects / ipfire-2.x.git / commitdiff
