Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
63ede041d8
core-agent-linux/network/tinyproxy-qubes-yum.conf
Marek Marczykowski 0430e5186b vm: qubes-yum-proxy service (#568) 
Introduce proxy service, which allow only http(s) traffic to yum repos. The
filter rules are based on URL regexp, so it isn't full-featured content
inspection and can be easy bypassed, but should be enough to prevent some
erroneus user actions (like clicking on invalid link).

It is set up to intercept connections to 10.137.255.254:8082, so VM can connect
to this IP regardless of VM in which proxy is running. By default it is
started in every NetVM, but this can be changed using qvm-service or
qubes-manager (as always).
2012-05-31 03:11:43 +02:00

31 lines
546 B
Plaintext
Raw Blame History

User tinyproxy
Group tinyproxy
Port 8082
Timeout 60
DefaultErrorFile "/usr/share/tinyproxy/default.html"
#StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
Syslog On
LogLevel Notice
PidFile "/var/run/tinyproxy/tinyproxy-qubes-yum.pid"
MaxClients 50
MinSpareServers 2
MaxSpareServers 10
StartServers 2
MaxRequestsPerChild 0
ViaProxyName "tinyproxy"
Allow 127.0.0.1
Allow 10.137.0.0/16
Filter "/etc/tinyproxy/filter-qubes-yum"
FilterURLs On
#FilterExtended On
#FilterCaseSensitive On
FilterDefaultDeny Yes
ConnectPort 443
Reference in New Issue View Git Blame Copy Permalink