From d89c077bd8905bdd079d69b11bedc1eb440067b9 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Sun, 29 Nov 2009 12:46:11 +0100 Subject: add etables, finetune squid package, more busybox finetuning --- package/squid/Config.in | 1 + package/squid/Makefile | 12 ++++++------ package/squid/files/squid.conf | 27 +++++++++++++++++++++++++++ 3 files changed, 34 insertions(+), 6 deletions(-) create mode 100644 package/squid/files/squid.conf (limited to 'package/squid') diff --git a/package/squid/Config.in b/package/squid/Config.in index c0cc8f818..c597986d8 100644 --- a/package/squid/Config.in +++ b/package/squid/Config.in @@ -4,6 +4,7 @@ config ADK_PACKAGE_SQUID tristate default n select ADK_PACKAGE_LIBOPENSSL + select ADK_PACKAGE_LIBPTHREAD help Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional diff --git a/package/squid/Makefile b/package/squid/Makefile index 80f97c032..9395c65c8 100644 --- a/package/squid/Makefile +++ b/package/squid/Makefile @@ -5,7 +5,7 @@ include ${TOPDIR}/rules.mk PKG_NAME:= squid PKG_VERSION:= 3.0.STABLE20 -PKG_RELEASE:= 1 +PKG_RELEASE:= 2 PKG_MD5SUM:= b69577cfc5cfb6808ec426e3a933220d PKG_DESCR:= squid web and cache proxy PKG_SECTION:= net @@ -113,12 +113,9 @@ CONFIGURE_ARGS+= --datadir=/usr/share/squid \ --enable-x-accelerator-vary \ --with-pthreads \ --with-dl \ - --enable-icmp \ --enable-kill-parent-hack \ --enable-arp-acl \ --enable-ssl \ - --disable-htcp \ - --disable-esi \ --enable-err-languages=English \ --enable-default-err-language=English \ --enable-linux-netfilter \ @@ -128,6 +125,9 @@ CONFIGURE_ARGS+= --datadir=/usr/share/squid \ --enable-cache-digests \ --enable-referer-log \ --enable-delay-pools \ + --disable-snmp \ + --disable-esi \ + --disable-htcp \ --disable-wccp \ --disable-wccpv2 \ --enable-useragent-log \ @@ -149,8 +149,8 @@ endif post-install: ${INSTALL_MODS_y} ${INSTALL_MODS_m} ${INSTALL_DIR} ${IDIR_SQUID}/etc/squid - ${INSTALL_DATA} ${WRKINST}/etc/squid/mime.conf \ - ${WRKINST}/etc/squid/squid.conf ${IDIR_SQUID}/etc/squid/ + ${INSTALL_DATA} ${WRKINST}/etc/squid/mime.conf ${IDIR_SQUID}/etc/squid/ + ${INSTALL_DATA} ./files/squid.conf ${IDIR_SQUID}/etc/squid/ ${INSTALL_DIR} ${IDIR_SQUID}/usr/share/squid ${CP} ${WRKINST}/usr/share/squid/* ${IDIR_SQUID}/usr/share/squid/ ${INSTALL_DIR} ${IDIR_SQUID}/usr/sbin ${IDIR_SQUID}/usr/lib/squid diff --git a/package/squid/files/squid.conf b/package/squid/files/squid.conf new file mode 100644 index 000000000..86ffa60c7 --- /dev/null +++ b/package/squid/files/squid.conf @@ -0,0 +1,27 @@ +visible_hostname linux +http_port 3128 +# acl +acl manager proto cache_object +acl localhost src 127.0.0.1/32 +acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 +acl localnet src 10.0.0.0/8 # RFC1918 possible internal network +acl localnet src 172.16.0.0/12 # RFC1918 possible internal network +acl localnet src 192.168.0.0/16 # RFC1918 possible internal network +acl SSL_ports port 443 +acl Safe_ports port 80 # http +acl Safe_ports port 21 # ftp +acl Safe_ports port 443 # https +acl Safe_ports port 70 # gopher +acl Safe_ports port 210 # wais +acl Safe_ports port 1025-65535 # unregistered ports +acl Safe_ports port 280 # http-mgmt +acl Safe_ports port 488 # gss-http +acl Safe_ports port 591 # filemaker +acl Safe_ports port 777 # multiling http +acl CONNECT method CONNECT +http_access allow manager localhost +http_access deny manager +http_access deny !Safe_ports +http_access deny CONNECT !SSL_ports +http_access allow localnet +http_access deny all -- cgit v1.2.3