# # Recommended minimum configuration: # acl manager proto cache_object acl localhost src 127.0.0.

1/32 ::1 acl to_localhost dst 127.0.0.0/ 0.0.0.0/32 ::1 #!eclaraci"#n de mi red acl !$!%&R'_()* src 172.20.30.0/2+ # ,ista de acceso para $&R-R.& !) *R-/-0& acl 1&R2_*.3) time 3*1$45 06:00720:00 #,ista de acceso para )8*)(%.&()5 !) -R%$.9&5 acl )8*_4.,)5 url_rege: ;.e:e< ;.mp3< ;.jpeg< #,ista de acceso para '-=.(-5 '&R(&=R-4.%-5 acl '&R(_,.(25 url_rege: >/etc/s?uid/*8*_4.,*)R5/'&R(_,.(25.t:t> #,ista de acceso para '-=.(-5 !) 0@)=&5 &(,.() acl =-3)5_,.(25 url_rege: >/etc/s?uid/*8*_4.,*)R5/=-3)5_,.(25.t:t> #,ista de acceso para '-=.(-5 !) !)'&R*)5 acl 5'&R*_,.(25 url_rege: >/etc/s?uid/*8*_4.,*)R5/5'&R*_,.(25.t:t>

# ):ample rule alloAing access from Bour local netAorCs. # -dapt to list Bour DinternalE .' netAorCs from Ahere broAsing # should be alloAed acl localnet src 10.0.0.0/ # R4%161 possible internal netAorC acl localnet src 172.1F.0.0/12 # R4%161 possible internal netAorC acl localnet src 162.1F .0.0/1F # R4%161 possible internal netAorC acl localnet src fc00::/7 # R4% +163 local priGate netAorC range acl localnet src fe 0::/10 # R4% +261 linC7local DdirectlB pluggedE machines acl acl acl acl acl acl acl 55,_ports port ++3 5afe_ports port 0 5afe_ports port 21 5afe_ports port ++3 5afe_ports port 70 5afe_ports port 210 5afe_ports port 102H7FHH3H # # # # # # http ftp https gopher Aais unregistered ports

acl acl acl acl acl

5afe_ports port 2 0 5afe_ports port + 5afe_ports port H61 5afe_ports port 777 %&(()%* method %&(()%*

# # # #

http7mgmt gss7http filemaCer multiling http

# # Recommended minimum -ccess 'ermission configuration: # # &nlB alloA cachemgr access from localhost http_access alloA manager localhost http_access denB manager # !enB re?uests to certain unsafe ports http_access denB I5afe_ports # !enB %&(()%* to other than secure 55, ports http_access denB %&(()%* I55,_ports # 1e stronglB recommend the folloAing be uncommented to protect innocent # Aeb applications running on the pro:B serGer Aho thinC the onlB # one Aho can access serGices on >localhost> is a local user #http_access denB to_localhost # # .(5)R* J&@R &1( R@,)D5E $)R) *& -,,&1 -%%)55 4R&3 J&@R %,.)(*5 # # 3.5 R)=,-5 D*-R)-E #Regla para establecer horario de trabajo solicitado http_access alloA 1&R2_*.3) !$!%&R'_()* #Regla para denegar acceso Aeb a e:tenciones predefinidas http_access denB )8*_4.,)5 !$!%&R'_()* #Regla para denegar acceso Aeb a paginas pornograficas http_access denB '&R(_,.(25 !$!%&R'_()* #Regla para denegar acceso Aeb a paginas de juegos en linea http_access denB =-3)5_,.(25 !$!%&R'_()* #Regla para denegar acceso Aeb a paginas de deportes http_access denB 5'&R*_,.(25 !$!%&R'_()*

# ):ample rule alloAing access from Bour local netAorCs.

# -dapt localnet in the -%, section to list Bour DinternalE .' netAorCs # from Ahere broAsing should be alloAed http_access alloA localnet http_access alloA localhost # -nd finallB denB all other access to this pro:B http_access denB all # 5?uid normallB listens to port 312 #http_port 312 #'uerto de escucha para mi 5K@.! http_port 172.20.30.1: 0 0 # 1e recommend Bou to use at least the folloAing line. hierarchB_stoplist cgi7bin L # @ncomment and adjust the folloAing to add a disC cache directorB. #cache_dir ufs /Gar/spool/s?uid 100 1F 2HF # ,eaGe coredumps in the first cache dir coredump_dir /Gar/spool/s?uid # -dd anB of Bour oAn refresh_pattern refresh_pattern Mftp: 1++0 20N refresh_pattern Mgopher: 1++0 0N refresh_pattern 7i D/cgi7bin/O;LE 0 refresh_pattern . 0 20N entries aboGe these. 100 0 1++0 0N 0 +320