#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl  all           src    all   
#acl  localhost     src    127.0.0.0/8 
visible_hostname "genTooBox"
# Classes
acl  localnet      src         10.0.0.0/8                        # RFC1918 possible internal network
acl  localnet      src         172.16.0.0/12                     # RFC1918 possible internal network
acl  localnet      src         192.168.0.0/16                    # RFC1918 possible internal network
acl  localnet      src         fc00::/7                          # RFC 4193 local private network range
acl  localnet      src         fe80::/10                         # RFC 4291 link-local (directly plugged) machines
acl  localhost     src         127.0.0.1/32                      # Localhost
acl  lan           src         172.16.0.0/24                     # LAN where authorized clients reside
acl  to_localhost  dst         127.0.0.0/8 0.0.0.0/32            # Requests to localhost
acl  local_net     src         192.168.1.1/24
acl  SSL_ports     port        443                               # https port
acl  Safe_ports    port        80 21 443                         # http, ftp, https ports
acl  CONNECT       method      CONNECT                           # SSL CONNECT method

# Only allow cachemgr access from localhost
http_access  allow  manager localhost
http_access  deny   manager

# Deny requests to unknown ports
http_access  deny   !Safe_ports

# Deny CONNECT to other than SSL ports
http_access  deny   CONNECT !SSL_ports

# Prevent access to local web applications from remote users
http_access  deny   to_localhost

# Allow access from the local network
http_access  allow  lan
http_access  allow local_net
http_access  allow localhost

# Default deny (this must be the last rule)
http_access  deny   all


# Squid normally listens to port 3128
#http_port 192.168.1.1:3128 transparent
http_port 127.0.0.1:3128 

cache_mem 150 MB

cache_dir ufs /var/cache/squid 500 16 256
cache_mgr   genTooBox@moptund.com

offline_mode off


maximum_object_size 102400 KB
reload_into_ims off

cache_effective_user    squid
cache_effective_group   squid

ftp_user    genTooBox@moptund.com

# Define the access log format
logformat squid  %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt

# Log client request activities ('squid' is the name of the log format to use)
access_log       /var/log/squid/access.log squid

# Log information about the cache's behavior
cache_log        /var/log/squid/cache.log

# Log the activities of the storage manager
cache_store_log  /var/log/squid/store.log

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/cache/squid 100 16 256

always_direct allow all
# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320

redirect_program /usr/bin/squidGuard
redirect_children 5