Squid.conf

1. acl all src all
2. acl manager proto cache_object
3. acl localhost src 127.0.0.1/32 ::1
4. acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
5.  
6. # Example rule allowing access from your local networks.
7. # Adapt to list your (internal) IP networks from where browsing
8. # should be allowed
9. acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
10. acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
11. acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
12. acl localnet src fc00::/7 # RFC 4193 local private network range
13. acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
14.  
15. #acl allowed ports
16. acl SSL_ports port 443 # https
17. acl SSL_ports port 563 # snews
18. acl SSL_ports port 873 # rsync
19. acl Safe_ports port 80 # http
20. acl Safe_ports port 21 # ftp
21. acl Safe_Ports port 22 # ssh
22. acl Safe_ports port 443 # https
23. acl Safe_ports port 70 # gopher
24. acl Safe_ports port 210 # wais
25. acl Safe_ports port 1025-65535 # unregistered ports
26. acl Safe_ports port 280 # http-mgmt
27. acl Safe_ports port 488 # gss-http
28. acl Safe_ports port 591 # filemaker
29. acl Safe_ports port 777 # multiling http
30. acl Safe_ports port 631 # cups
31. acl Safe_ports port 873 # rsync
32. acl Safe_ports port 901 # SWAT
33. acl purge method PURGE
34. acl CONNECT method CONNECT
35.  
36. #
37. # Recommended minimum Access Permission configuration:
38. #
39. # Only allow cachemgr access from localhost
40. http_access allow manager localhost
41. http_access deny manager
42.  
43. # Deny requests to certain unsafe ports
44. http_access deny !Safe_ports
45.  
46. # Deny CONNECT to other than secure SSL ports
47. http_access deny CONNECT !SSL_ports
48.  
49. # We strongly recommend the following be uncommented to protect innocent
50. # web applications running on the proxy server who think the only
51. # one who can access services on "localhost" is a local user
52. #http_access deny to_localhost
53.  
54. #
55. # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
56. #
57.  
58. # Example rule allowing access from your local networks.
59. # Adapt localnet in the ACL section to list your (internal) IP networks
60. # from where browsing should be allowed
61. http_access allow localnet
62. acl localnet src localhost
63. acl test src 123.123.123.123(example)part of internal
64. acl home src 456.456.456.456(example)part of external
65.  
66. # And finally deny all other access to this proxy
67. http_access deny all
68.  
69. # Squid normally listens to port 3128
70. http_port 123.123.123.123:4444
71.  
72. # We recommend you to use at least the following line.
73. hierarchy_stoplist cgi-bin ?
74.  
75. # Uncomment and adjust the following to add a disk cache directory.
76. #cache_dir ufs /var/spool/squid 100 16 256
77.  
78. # Leave coredumps in the first cache dir
79. coredump_dir /var/spool/squid
80.  
81. # Add any of your own refresh_pattern entries above these.
82. refresh_pattern ^ftp: 1440 20% 10080
83. refresh_pattern ^gopher: 1440 0% 1440
84. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
85. refresh_pattern . 0 20% 4320
86.  
87. # Outgoing IP Address
88. tcp_outgoing_address 172.168.0.2