squid/squid.conf

# Accept local network
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl localnet src fc00::/7
acl localnet src fe80::/10

# Allow ports
acl Safe_ports port 80
acl Safe_ports port 8080
acl Safe_ports port 443
acl SSL_ports port 443
acl purge method PURGE
acl CONNECT method CONNECT

# Access rules
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
http_port 3128

# Parent proxy (ziproxy)
cache_peer 127.0.0.1 parent 8080 0 no-query
never_direct allow !SSL_ports
always_direct allow SSL_ports

cache_effective_user squid
cache_effective_group squid

# Hostname
visible_hostname three-layer-compression-proxy

# Don't send forwarded_for and via header
forwarded_for off
via off

# chache memory limit
cache_mem 256 MB

# PATH, size(MB) directory subdirectory
cache_dir ufs /var/spool/squid 512 16 256

# Cache settings
refresh_pattern -i (jpg|jpeg|png|gif|css|js) 1440  100%  10000 override-expire
refresh_pattern -i (html|htm)                1440  100%  10000 override-expire
refresh_pattern .                            0     0%     0

# Misc.
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
acl apache rep_header Server ^Apache
hosts_file /etc/squid/hosts
coredump_dir /var/spool/squid
access_log /var/log/squid/access.log squid