cache_peer proxy2.us.webscanningservice.com parent 3128 0000 default no-query no-digest

auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe
auth_param ntlm children 40
auth_param ntlm keep_alive on

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

external_acl_type AD_global_group ttl=120 %LOGIN c:/squid/libexec/mswin_check_ad_group.exe -G

ftp_user squid@bicgraphic.com

acl all src all			#0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl goto_meeting dst 216.115.208.0/20 216.219.112.0/20 66.151.158.0/24 66.151.150.160/27 66.151.115.128/26 64.74.80.0/24 202.173.24.0/21 67.217.64.0/19 78.108.112.0/20 68.64.0.0/19 206.183.100.0/22

acl WindowsUpdate dstdomain -i "c:/squid/etc/windowsupdate.txt"

acl bypass_auth src "C:\squid\etc\ByPass_Auth_SRC_IP.txt"
acl bypass_auth-external dstdomain "C:\squid\etc\ByPass_Auth_DST_DOMAIN.txt"

acl DIRECT src "C:\squid\etc\Direct_SRC_IP.txt"
acl DIRECT-external dstdomain "C:\squid\etc\Direct_DST_DOMAIN.txt"

acl Java browser Java/[0-9]

acl Approved_IP dstdomain "C:\squid\etc\Approved_IP.txt"

# Domains accessible to all PC's
acl Approved_Domains dstdomain "C:\squid\etc\Approved.txt"

acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http

acl CONNECT method CONNECT
acl ftp proto FTP

acl authproxy proxy_auth REQUIRED
acl our_networks src 172.16.0.0/12 
acl HEAD method HEAD

acl InetAllow external AD_global_group NA\CLW.Squid.Full

acl password proxy_auth REQUIRED src 172.16.0.0/12 #MP

http_access allow manager localhost
http_access allow HEAD
http_access allow ftp
http_access allow WindowsUpdate
http_access allow bypass_auth
http_access allow bypass_auth-external
http_access allow Approved_Domains
http_access allow goto_meeting
http_access allow Java
http_access allow Approved_IP
http_access allow InetAllow 
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny !our_networks

icp_access allow all

http_access deny all

http_port 172.23.4.22:3128

hierarchy_stoplist cgi-bin ?

access_log c:/squid/var/logs/access.log squid
cache_log c:/squid/var/logs/cache.log squid

cache_store_log none

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern .		0	20%	4320

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

coredump_dir c:/squid/var/cache

acl INTERNAL dst 172.16.0.0/12
always_direct allow INTERNAL