Re: [squid-users] Adding WAN IP address to SQUID.CONF so users can run .net program // resolved

Amos,

The fixes you gave me DID work.

Thank you,

*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
*** ***
Margaret Gillon
Senior Programmer-Analyst
Chromalloy Los Angeles
2100 West 139th Street
Gardena, CA
United States
310-532-6100 extension 297
fax 310-329-2228
MargaretGillon_at_chromalloy.com

This e-mail message and any attachment(s) are for the sole use of the
intended
recipient(s) and may contain company proprietary, privileged or
confidential
information. If you are not the intended recipient(s), please contact
the
sender by reply e-mail, advise them of the error and destroy this message
and
its attachments as well as any copies. The review, use or distribution of
this
message or its content by anyone other than the intended recipient or
senior
management of the company is strictly prohibited.

Margaret Gillon/CLA/Chromalloy
09/14/2011 11:45 AM

To
squid-users_at_squid-cache.org
cc

Subject
Re: [squid-users] Adding WAN IP address to SQUID.CONF so users can run
.net program

My config file:
****************************************************************************************
#Recommended minimum configuration:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.100.0/24 192.168.101.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 8888 # cnv virtual cage

acl CONNECT method CONNECT

#2011-09-13 from squid-cache maillist, Amos Jeffries
cache_peer 192.168.3.42 parent 8888 0 originserver no-query name=services
acl localServices dstdomain .services.chromalloy.local 192.168.3.42
cache_peer_access services allow localServices
cache_peer_access services deny all
http_access allow localnet localServices

http_access allow manager SSL_ports
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports

http_access deny to_localhost
icp_access deny all
htcp_access deny all

http_port 3128
access_log /var/log/squid3/access.log squid

#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid3

acl whitelist dstdomain "/etc/squid3/whitelist.txt"

# Allow localnet machines to whitelisted sites
http_access allow localnet whitelist

# block all other access
http_access deny all

****************************************************************************************

"This e-mail message and any attachment(s) are for the sole use of the
intended recipient(s) and may contain company proprietary, privileged or
confidential information. If you are not the intended recipient(s), please
contact the sender by reply e-mail, advise them of the error and destroy
this message and its attachments as well as any copies. The review, use or
distribution of this message or its content by anyone other than the
intended recipient or senior management of the company is strictly
prohibited."
Received on Mon Sep 19 2011 - 17:09:19 MDT