Process: 1404 ExecStart=/usr/sbin/squid $SQUID_OPTS -f $SQUID_CONF (code=exited, status=0/SUCCESS) Loaded: loaded (/usr/lib/systemd/system/rvice enabled vendor preset: disabled)Īctive: active (running) since Wed 15:08:15 MDT 3 days ago Now let’s create the SSL database and make sure the squid user can access it: 0Ē0%Ĕ320ħ 15:13:06| Initializing https proxy contextħ 15:13:06| Initializing http_port :3128 SSL contextħ 15:13:06| Using certificate in /etc/squid/certs/squid-ca-cert-key.pemħ 15:13:06| Initializing https_port :3129 SSL context ħ 15:13:06| Startup: Initialized Authentication Scheme 'basic'ħ 15:13:06| Startup: Initialized Authentication Scheme 'digest'ħ 15:13:06| Startup: Initialized Authentication Scheme 'negotiate'ħ 15:13:06| Startup: Initialized Authentication Scheme 'ntlm'ħ 15:13:06| Startup: Initialized Authentication.ħ 15:13:06| Processing Configuration File: /etc/squid/nf (depth 0)ħ 15:13:06| Processing: acl localnet src 10.0.0.0/8 # RFC1918 possible internal networkħ 15:13:06| Processing: acl localnet src 172.16.0.0/12 # RFC1918 possible internal networkħ 15:13:06| Processing: acl localnet src 192.168.0.0/16 # RFC1918 possible internal networkħ 15:13:06| Processing: acl localnet src fc00::/7 # RFC 4193 local private network rangeħ 15:13:06| Processing: acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machinesħ 15:13:06| Processing: acl SSL_ports port 443ħ 15:13:06| Processing: acl Safe_ports port 80 # httpħ 15:13:06| Processing: acl Safe_ports port 21 # ftpħ 15:13:06| Processing: acl Safe_ports port 443 # httpsħ 15:13:06| Processing: acl Safe_ports port 70 # gopherħ 15:13:06| Processing: acl Safe_ports port 210 # waisħ 15:13:06| Processing: acl Safe_ports port 1025-65535 # unregistered portsħ 15:13:06| Processing: acl Safe_ports port 280 # http-mgmtħ 15:13:06| Processing: acl Safe_ports port 488 # gss-httpħ 15:13:06| Processing: acl Safe_ports port 591 # filemakerħ 15:13:06| Processing: acl Safe_ports port 777 # multiling httpħ 15:13:06| Processing: acl CONNECT method CONNECTħ 15:13:06| Processing: http_access deny !Safe_portsħ 15:13:06| Processing: http_access deny CONNECT !SSL_portsħ 15:13:06| Processing: http_access allow localhost managerħ 15:13:06| Processing: http_access deny managerħ 15:13:06| Processing: http_access allow localnetħ 15:13:06| Processing: http_access allow localhostħ 15:13:06| Processing: http_access deny allħ 15:13:06| Processing: http_port 3128 ssl-bump cert=/etc/squid/certs/squid-ca-cert-key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MBħ 15:13:06| Processing: https_port 3129 intercept ssl-bump cert=/etc/squid/certs/squid-ca-cert-key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MBħ 15:13:06| Starting Authentication on port :3129ħ 15:13:06| Disabling Authentication on port :3129 (interception enabled)ħ 15:13:06| Processing: sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 16MBħ 15:13:06| Processing: acl step1 at_step SslBump1ħ 15:13:06| Processing: ssl_bump peek step1ħ 15:13:06| Processing: ssl_bump bump allħ 15:13:06| Processing: ssl_bump splice allħ 15:13:06| Processing: coredump_dir /var/spool/squidħ 15:13:06| Processing: refresh_pattern ^ftp: 1440Ē0%đ0080ħ 15:13:06| Processing: refresh_pattern ^gopher:đ440Đ%đ440ħ 15:13:06| Processing: refresh_pattern -i (/cgi-bin/|\?) 0Đ%Đħ 15:13:06| Processing: refresh_pattern. Sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 16MBħ 15:13:06| Startup: Initializing Authentication Schemes. Generate-host-certificates=on dynamic_cert_mem_cache_size=16MB Acl localnet src 10.0.0.0/8 # RFC1918 possible internal networkĪcl localnet src 172.16.0.0/12 # RFC1918 possible internal networkĪcl localnet src 192.168.0.0/16 # RFC1918 possible internal networkĪcl localnet src fc00::/7 # RFC 4193 local private network rangeĪcl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machinesĪcl Safe_ports port 1025-65535 # unregistered portsĬert=/etc/squid/certs/squid-ca-cert-key.pem \
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |