## Recommended minimum configuration:## Example rule allowing access fro

1. ## Recommended minimum configuration:
2. #
3.  
4.  
5. # Example rule allowing access from your local networks.
6. # Adapt to list your (internal) IP networks from where browsing
7. # should be allowed
8. acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
9. acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
10. acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
11. acl localnet src fc00::/7 # RFC 4193 local private network range
12. acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
13.  
14.  
15. acl SSL_ports port 443
16. acl Safe_ports port 80 # http
17. acl Safe_ports port 21 # ftp
18. acl Safe_ports port 443 # https
19. acl Safe_ports port 70 # gopher
20. acl Safe_ports port 210 # wais
21. acl Safe_ports port 1025-65535 # unregistered ports
22. acl Safe_ports port 280 # http-mgmt
23. acl Safe_ports port 488 # gss-http
24. acl Safe_ports port 591 # filemaker
25. acl Safe_ports port 777 # multiling http
26. acl CONNECT method CONNECT
27.  
28.  
29. forwarded_for off
30. request_header_access Allow allow all
31. request_header_access Authorization allow all
32. request_header_access WWW-Authenticate allow all
33. request_header_access Proxy-Authorization allow all
34. request_header_access Proxy-Authenticate allow all
35. request_header_access Cache-Control allow all
36. request_header_access Content-Encoding allow all
37. request_header_access Content-Length allow all
38. request_header_access Content-Type allow all
39. request_header_access Date allow all
40. request_header_access Expires allow all
41. request_header_access Host allow all
42. request_header_access If-Modified-Since allow all
43. request_header_access Last-Modified allow all
44. request_header_access Location allow all
45. request_header_access Pragma allow all
46. request_header_access Accept allow all
47. request_header_access Accept-Charset allow all
48. request_header_access Accept-Encoding allow all
49. request_header_access Accept-Language allow all
50. request_header_access Content-Language allow all
51. request_header_access Mime-Version allow all
52. request_header_access Retry-After allow all
53. request_header_access Title allow all
54. request_header_access Connection allow all
55. request_header_access Proxy-Connection allow all
56. request_header_access User-Agent allow all
57. request_header_access Cookie allow all
58. request_header_access All deny all
59. cache deny all
60.  
61. #
62. # Recommended minimum Access Permission configuration:
63. #
64. # Only allow cachemgr access from localhost
65. http_access allow manager localhost
66. http_access deny manager
67.  
68.  
69. # Deny requests to certain unsafe ports
70. http_access deny !Safe_ports
71.  
72.  
73. # Deny CONNECT to other than secure SSL ports
74. http_access deny CONNECT !SSL_ports
75.  
76.  
77. # Add your home IP after src
78. acl user1 src 192.168.0.1
79.  
80.  
81. # Squid normally listens to port 3128
82. http_port 3128
83.  
84.  
85. # Define Port
86. acl port1 myport 3128
87.  
88.  
89. # All outgoing IPs
90. tcp_outgoing_address 91.214.114.221 port1
91.  
92.  
93. # Define IP
94. acl ip1 myip 91.214.114.221
95.  
96.  
97. http_access allow user1 ip1
98. http_access deny all
99.  
100.  
101. # Turn off persistent connections
102. server_persistent_connections off