######CONFIG START
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
maximum_object_size 50960 KB
maximum_object_size_in_memory 16 KB
cache_dir diskd /squidcache/squid/cache 10000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /usr/local/etc/squid/squid.pid
hosts_file /etc/hosts
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp:	 1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern .	 0	20%	10080
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80	 # http
acl Safe_ports port 8080	#also http
acl Safe_ports port 21	 # ftp
acl Safe_ports port 443 563	# https, snews
acl Safe_ports port 70	 # gopher
acl Safe_ports port 210	 # wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280	 # http-mgmt
acl Safe_ports port 488	 # gss-http
acl Safe_ports port 591	 # filemaker
acl Safe_ports port 777	 # multiling http
acl CONNECT method CONNECT
acl blacklist dstdomain "/usr/local/etc/squid/blacklist.txt"
http_access deny blacklist
http_access allow manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#change below 10.0.1.0/24 to what matches your LAN IP address space
acl our_networks src 192.168.1.1-192.168.1.100/255.255.255.255
http_access allow our_networks
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr you@somedomain.com
cache_effective_user squid
visible_hostname proxy.mydomain.com
cachemgr_passwd secret all
coredump_dir /squidcache/coredump
######CONFIG END