http_port 8080 transparent
#https_port 8443 transparent cert=/etc/ssl/certs/squid.pem sslflags=DONT_VERIFY_PEER
icp_port 3130
htcp_port 4827
cache_mgr kreator@fsb.hr
cache_peer 10.14.0.5 sibling 3128 3130 no-digest no-query
cache_peer 10.14.0.15 sibling 3128 3130 no-digest no-query
digest_generation on
maximum_object_size 4096 KB
maximum_object_size_in_memory 512 KB
cache_replacement_policy lru
memory_replacement_policy lru
#cache_dir diskd /opt/squid 1024 128 256 Q1=72 Q2=64
cache_dir null /tmp
access_log none
cache_log none
cache_store_log none
cache_mem 400 MB
cache_swap_low 90
cache_swap_high 95
debug_options ALL,0
log_fqdn off
redirect_children 4
redirect_rewrites_host_header on
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid-passwd
auth_param digest children 2
authenticate_ttl 2 hour
ident_timeout 9 seconds
request_header_max_size 120 KB
request_body_max_size 10 MB
half_closed_clients off
ie_refresh on
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535 280 488 591 777 901
acl purge method PURGE
acl CONNECT method CONNECT
acl QUERY urlpath_regex cgi-bin \?
acl nocache urlpath_regex -i "/etc/squid/nocache.txt"
acl spyware dstdomain src "/etc/squid/spywaredomains.txt"
acl all src 0/0
acl manager proto cache_object
acl localhost src 127.0.0.0/16
acl mironet src 20.0.0.0/24
acl fsbwifi src 10.0.0.0/24 20.0.0.10
acl wifihr src 10.14.0.0/16 20.0.0.30
acl spansko src 20.0.0.3 20.0.0.7 20.0.0.2 20.0.0.5
acl hobbit src 161.53.116.8
acl peers src 10.14.0.5 10.14.0.15 20.0.0.7
acl workday time 7:00-23:59
acl other proxy_auth REQUIRED
acl snmppublic snmp_community public
cache deny QUERY
cache deny nocache
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny spyware
http_access allow localhost
http_access allow mironet
http_access allow fsbwifi
http_access allow wifihr
http_access allow other
http_access allow peers
http_access deny all
icp_access allow peers
icp_access deny all
htcp_access allow peers
htcp_access deny all
htcp_clr_access deny all
snmp_access allow snmppublic hobbit
snmp_access deny all
memory_pools off
memory_pools_limit 256 MB
buffered_logs on
delay_pools 4
delay_initial_bucket_level 50
delay_class 1 2
delay_class 2 3
delay_class 3 2
delay_class 4 2
delay_access 1 allow fsbwifi
delay_access 1 deny all
delay_access 2 allow wifihr
delay_access 2 deny all
delay_access 3 allow workday spansko
delay_access 3 deny all
delay_access 4 allow mironet
delay_access 4 deny all
delay_parameters 1 -1/-1 102400/153600
delay_parameters 2 102400/143360 66560/71680 20480/30720
delay_parameters 3 -1/-1 66560/71680
delay_parameters 4 -1/-1 204800/307200
snmp_port 3401
client_db on
hierarchy_stoplist cgi-bin ?
prefer_direct on
always_direct allow all
follow_x_forwarded_for deny all
acl_uses_indirect_client off
delay_pool_uses_indirect_client off
log_uses_indirect_client off
httpd_suppress_version_string on
forwarded_for on