# WELCOME TO SQUID 3.0.STABLE15 # ---------------------------- # # This is the default Squid configuration file. You may wish # to look at the Squid home page (http://www.squid-cache.org/) # for the FAQ and other documentation. # # The default Squid config file shows what the defaults for # various options happen to be. If you don't need to change the # default, you shouldn't uncomment the line. Doing so may cause # run-time problems. In some cases "none" refers to no default # setting at all, while in other cases it refers to a valid # option - the comments for that keyword indicate if this is the # case. # # Configuration options can be included using the "include" directive. # Include takes a list of files to include. Quoting and wildcards is # supported. # # For example, # # include /path/to/included/file/squid.acl.config # # Includes can be nested up to a hard-coded depth of 16 levels. # This arbitrary restriction is to prevent recursive include references # from causing Squid entering an infinite loop whilst trying to load # configuration files. # OPTIONS FOR AUTHENTICATION # ----------------------------------------------------------------------------- acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl localnet src 192.168.1.0/255.255.255.0 # RFC1918 possible internal network # acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost acl badsite_list url_regex xxxsite.com http_access deny badsite_list http_access allow localnet http_access allow localhost http_access deny all # http_reply_access allow|deny [!] aclname ... icp_access allow localnet icp_access deny all htcp_access allow localnet htcp_access deny all http_port 8080 hierarchy_stoplist cgi-bin ? access_log /var/log/squid/access.log squid debug_options ALL,1 url_rewrite_program /usr/bin/squidGuard cache deny all refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern (cgi-bin|\?) 0 0% 0 refresh_pattern . 0 20% 4320 cache_mgr dazzling@dazzlingsolutions.com icp_port 3130 coredump_dir /var/spool/squid