acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
#acl Safe_ports port 1025-65535 # unregistered ports
acl CONNECT method CONNECT

#acl allowedips src 10.8.0.0/24

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager

#http_access allow allowedips
http_access allow all

http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid3
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

cache_dir ufs /var/spool/squid3 512 16 256
cache_mem 256 MB
maximum_object_size 15 MB

positive_dns_ttl 8 hours
negative_ttl 1 minutes

#visible_hostname proxy.local
#httpd_suppress_version_string on
via off
forwarded_for off
follow_x_forwarded_for deny all
request_header_access X-Forwarded-For deny all

dns_nameservers 8.8.8.8 80.67.169.12 80.67.169.40