[squid-users] Need help with Parent/Client proxy configuration

From: Benjamin E. Nichols <mrnicholsb_at_gmail.com>
Date: Tue, 28 Feb 2012 13:57:40 -0800

     I currently have two networks, one is upstream of the other

192.168.1.x with squid 3.1.16 cache @ 129.168.1.205

and down stream

10.10.1.x network with 10.10.1.105 Squid 3.1.16 Proxy cache

I need to know what I need to ad to the 10.10.1.x proxy config file to
enable caching from the upstream squid box, and I want both squid
machines to serve cache.

#########################################################################################################
#Begin Squid Configuration 10.10.1.105
#########################################################################################################

http_port 10.10.1.105:3128
hierarchy_stoplist cgi-bin ?
icp_port 3129

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

dns_nameservers 10.10.1.1
hosts_file /etc/hosts
cache_swap_low 95
cache_swap_high 98
access_log /var/log/squid3/access.log
cache_mem 500 MB
memory_pools on
maximum_object_size_in_memory 150 MB
maximum_object_size 150 MB
log_icp_queries off
half_closed_clients on
cache_mgr mrnicholsb_at_gmail.com
cache_dir ufs /mnt/secondary/var/spool/squid3 14000 32 256
visible_hostname deviant.evil
shutdown_lifetime 1 second

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.10.1.0/24
#acl blacklist dstdomain "/mnt/secondary/squid3/squid-block.acl"

acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21 # http
acl Safe_ports port 443 # ftp
acl Safe_ports port 70 # https
acl Safe_ports port 210 # gopher
acl Safe_ports port 1025-65535 # wais
acl Safe_ports port 280 # unregistered ports
acl Safe_ports port 488 # http-mgmt
acl Safe_ports port 591 # gss-http
acl Safe_ports port 777 # filemaker
acl CONNECT method CONNECT # multiling http

#icp_access allow localnet
#icp_access deny all

#http_access deny blacklist
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all
Received on Tue Feb 28 2012 - 21:57:50 MST

This archive was generated by hypermail 2.2.0 : Wed Feb 29 2012 - 12:00:06 MST