configpolicy/host_vars/gw1.pyrocufflink.blue/squid.yml


# Named Squid ACLs for this host. Each key is an ACL name and each list item
# is one "<type> <value>" definition for that name. The rules under
# squid_http_access refer to these names.
#
# The "# ..." text in several items sits inside the quoted scalar, so it is
# part of the value and not a YAML comment.
# NOTE(review): presumably the role writes each item verbatim into squid.conf,
# where Squid reads that text as a trailing comment; confirm against the
# role's template.
squid_acl:
  # Client source ranges treated as local: RFC 1918 IPv4, IPv6 unique-local
  # and IPv6 link-local. A client with any other source address (for example
  # a global IPv6 address) does not match this ACL.
  localnet:
  - 'src 10.0.0.0/8 # RFC 1918 local private network (LAN)'
  - 'src 172.16.0.0/12 # RFC 1918 local private network (LAN)'
  - 'src 192.168.0.0/16 # RFC 1918 local private network (LAN)'
  - 'src fc00::/7 # RFC 4193 local private network range'
  - 'src fe80::/10 # RFC 4291 link-local (directly plugged) machines'
  # The only port to which CONNECT tunnels are accepted
  # (see 'deny CONNECT !SSL_ports' in squid_http_access).
  SSL_ports:
  - 'port 443'
  # The only destination ports the proxy will talk to at all
  # (see 'deny !Safe_ports' in squid_http_access).
  Safe_ports:
  - 'port 80 # http'
  - 'port 443 # https'
  # Matches requests that use the CONNECT method.
  CONNECT:
  - 'method CONNECT'
  # Destination allow-lists. The names are written without a leading dot, so
  # Squid matches exactly these hosts and not their subdomains.
  fedora_repo:
  - 'dstdomain mirrors.fedoraproject.org'
  - 'dstdomain dl.fedoraproject.org'
  google_fonts:
  - 'dstdomain fonts.googleapis.com'
  - 'dstdomain fonts.gstatic.com'
  grafana_rpm:
  - 'dstdomain rpm.grafana.com'
# http_access rules for this host, in the order listed. Squid checks them from
# the top and applies the first rule whose ACLs all match, so the order is
# significant. Several ACL names on one line must all match (logical AND).
# localhost, manager, to_localhost and all are not defined under squid_acl in
# this file; they are expected to be ACLs that Squid predefines.
squid_http_access:
# Refuse any request to a port that is not listed in Safe_ports.
- 'deny !Safe_ports'
# Refuse CONNECT tunnels to any port that is not listed in SSL_ports.
- 'deny CONNECT !SSL_ports'
# Cache manager access is allowed from the proxy host itself and from
# nowhere else.
- allow localhost manager
- deny manager
# Refuse requests whose destination is the proxy host's own loopback address,
# so the proxy cannot be used to reach services bound to localhost.
- deny to_localhost
# Local clients may reach the Fedora and Grafana package hosts.
- allow localnet fedora_repo
- allow localnet grafana_rpm
# NOTE(review): unlike the two rules above, this one has no localnet
# condition, so it matches requests for the google_fonts domains from any
# client source address that can reach the proxy. Confirm that this is
# intended; otherwise write it as 'allow localnet google_fonts'.
- allow google_fonts
# Default deny: anything not allowed above is refused.
- deny all
# Explicit empty list: no cache_dir entries are defined for this host.
# NOTE(review): presumably the role then writes no cache_dir directive, which
# leaves Squid without an on-disk cache; confirm against the role's template.
squid_cache_dir: []