source: packages/net/tinyproxy/files/tinyproxy.config @ 24048

Last change on this file since 24048 was 24048, checked in by jow, 5 years ago

[packages] tinyproxy: fix logfile option

File size: 6.7 KB
Line 
1config tinyproxy
2
3#
4# Enable the proxy
5#
6option enable 0
7
8#
9# Name of the user the tinyproxy daemon should switch to after the port
10# has been bound.
11#
12option User nobody
13option Group nogroup
14
15#
16# Port to listen on.
17#
18option Port 8888
19
20#
21# If you have multiple interfaces this allows you to bind to only one. If
22# this is commented out, tinyproxy will bind to all interfaces present.
23#
24#option Listen 192.168.0.1
25
26#
27# The Bind directive allows you to bind the outgoing connections to a
28# particular IP address.
29#
30#option Bind 192.168.0.1
31
32#
33# Timeout: The number of seconds of inactivity a connection is allowed to
34# have before it closed by tinyproxy.
35#
36option Timeout 600
37
38#
39# ErrorFile: Defines the HTML file to send when a given HTTP error
40# occurs.  You will probably need to customize the location to your
41# particular install.  The usual locations to check are:
42#   /usr/local/share/tinyproxy
43#   /usr/share/tinyproxy
44#   /etc/tinyproxy
45#
46#option ErrorFile_404 "/usr/share/tinyproxy/404.html"
47#option ErrorFile_400 "/usr/share/tinyproxy/400.html"
48#option ErrorFile_503 "/usr/share/tinyproxy/503.html"
49#option ErrorFile_403 "/usr/share/tinyproxy/403.html"
50#option ErrorFile_408 "/usr/share/tinyproxy/408.html"
51
52#
53# DefaultErrorFile: The HTML file that gets sent if there is no
54# HTML file defined with an ErrorFile keyword for the HTTP error
55# that has occured.
56#
57option DefaultErrorFile "/usr/share/tinyproxy/default.html"
58
59#
60# StatFile: The HTML file that gets sent when a request is made
61# for the stathost.  If this file doesn't exist a basic page is
62# hardcoded in tinyproxy.
63#
64option StatFile "/usr/share/tinyproxy/stats.html"
65
66#
67# Where to log the information. Either LogFile or Syslog should be set,
68# but not both.
69#
70option LogFile "/var/log/tinyproxy.log"
71#option Syslog On
72
73#
74# Set the logging level. Allowed settings are:
75#       Critical        (least verbose)
76#       Error
77#       Warning
78#       Notice
79#       Connect         (to log connections without Info's noise)
80#       Info            (most verbose)
81# The LogLevel logs from the set level and above. For example, if the LogLevel
82# was set to Warning, than all log messages from Warning to Critical would be
83# output, but Notice and below would be suppressed.
84#
85option LogLevel Info
86
87#
88# Include the X-Tinyproxy header, which has the client's IP address when
89# connecting to the sites listed.
90#
91# list XTinyproxy mydomain.com
92
93#
94# This is the absolute highest number of threads which will be created. In
95# other words, only MaxClients number of clients can be connected at the
96# same time.
97#
98option MaxClients 100
99
100#
101# These settings set the upper and lower limit for the number of
102# spare servers which should be available. If the number of spare servers
103# falls below MinSpareServers then new ones will be created. If the number
104# of servers exceeds MaxSpareServers then the extras will be killed off.
105#
106option MinSpareServers 5
107option MaxSpareServers 20
108
109#
110# Number of servers to start initially.
111#
112option StartServers 10
113
114#
115# MaxRequestsPerChild is the number of connections a thread will handle
116# before it is killed. In practise this should be set to 0, which disables
117# thread reaping. If you do notice problems with memory leakage, then set
118# this to something like 10000
119#
120option MaxRequestsPerChild 0
121
122#
123# The following is the authorization controls. If there are any access
124# control keywords then the default action is to DENY. Otherwise, the
125# default action is ALLOW.
126#
127# Also the order of the controls are important. The incoming connections
128# are tested against the controls based on order.
129#
130list Allow 127.0.0.1
131#list Allow 192.168.0.0/16
132#list Allow 172.16.0.0/12
133#list Allow 10.0.0.0/8
134
135#
136# The "Via" header is required by the HTTP RFC, but using the real host name
137# is a security concern.  If the following directive is enabled, the string
138# supplied will be used as the host name in the Via header; otherwise, the
139# server's host name will be used.
140#
141option ViaProxyName "tinyproxy"
142
143#
144# The location of the filter file.
145#
146#option Filter "/etc/tinyproxy/filter"
147
148#
149# Filter based on URLs rather than domains.
150#
151#option FilterURLs On
152
153#
154# Use POSIX Extended regular expressions rather than basic.
155#
156#option FilterExtended On
157
158#
159# Use case sensitive regular expressions.
160#                                                                         
161#option FilterCaseSensitive On     
162
163#
164# Change the default policy of the filtering system.  If this directive is
165# commented out, or is set to "No" then the default policy is to allow
166# everything which is not specifically denied by the filter file.
167#
168# However, by setting this directive to "Yes" the default policy becomes to
169# deny everything which is _not_ specifically allowed by the filter file.
170#
171#option FilterDefaultDeny Yes
172
173#
174# If an Anonymous keyword is present, then anonymous proxying is enabled.
175# The headers listed are allowed through, while all others are denied. If
176# no Anonymous keyword is present, then all header are allowed through.
177# You must include quotes around the headers.
178#
179#list Anonymous "Host"
180#list Anonymous "Authorization"
181
182#
183# This is a list of ports allowed by tinyproxy when the CONNECT method
184# is used.  To disable the CONNECT method altogether, set the value to 0.
185# If no ConnectPort line is found, all ports are allowed (which is not
186# very secure.)
187#
188# The following two ports are used by SSL.
189#
190list ConnectPort 443
191list ConnectPort 563
192
193#
194# Turns on upstream proxy support.
195#
196# The upstream rules allow you to selectively route upstream connections
197# based on the host/domain of the site being accessed.
198#
199# For example:
200#  # connection to test domain goes through testproxy
201#
202#config upstream
203#       option type proxy
204#       option via testproxy:8008
205#       option target ".test.domain.invalid"
206#
207#config upstream
208#       option type proxy
209#       option via testproxy:8008
210#       option target ".our_testbed.example.com"
211#
212#config upstream
213#       option type proxy
214#       option via testproxy:8008
215#       option target "192.168.128.0/255.255.254.0"
216#
217#  # no upstream proxy for internal websites and unqualified hosts
218#
219#config upstream
220#       option type reject
221#       option target ".internal.example.com"
222#
223#config upstream
224#       option type reject
225#       option target "www.example.com"
226#
227#config upstream
228#       option type reject
229#       option target "10.0.0.0/8"
230#
231#config upstream
232#       option type reject
233#       option target "192.168.0.0/255.255.254.0"
234#
235#config upstream
236#       option type reject
237#       option target "."
238#
239#  # default upstream is internet firewall
240#
241#config upstream
242#       option type proxy
243#       option via firewall.internal.example.com:80
244#
245# The LAST matching rule wins the route decision.  As you can see, you
246# can use a host, or a domain:
247#  name     matches host exactly
248#  .name    matches any host in domain "name"
249#  .        matches any host with no domain (in 'empty' domain)
250#  IP/bits  matches network/mask
251#  IP/mask  matches network/mask
Note: See TracBrowser for help on using the repository browser.