#  TAG: refresh_pattern
#       usage: refresh_pattern [-i] regex min percent max [options]
#       The refresh_pattern lines are checked in the order listed here.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
# This sets the maximum cached object to 30M, this allows for kernels and
# other large files to be cached
maximum_object_size 30000 KB
#useragent_log
# Mime headers generates a lote more information in the logs, it may be useful
# for analysis
log_mime_hdrs on
#referer_log
# Here we are logging fully qualified domain names instead of just IP addresses
log_fqdn        on
# Where we are logging to.
cache_access_log /var/log/squid/access.log
# How much memory we should use for the cache
cache_mem 100 MB
#emulate_httpd_log on
# The redirect program Squid Guard is used for web filtering and control.
redirect_program /usr/bin/squidGuard -c /etc/squidguard/squidguard.conf
# This is where the cache is stored
cache_dir ufs /home/spool/squid 100 16 256
# This is used on the error pages as a contact name
cache_mgr cache@harkness.co.uk
# This auth data is used to authenticate users against a samba / windows machine
auth_param basic program /usr/lib/squid/pam_auth  
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours


# Here we are with part of the access control
# Note that we start with acl (Access Control List) [src|dst|filter|proxy_auth]
# there are others, you can read about these in the documentation.  There are additive
# so if you put in two sources in the same list they will cancel out
# start small and build
acl xpassword proxy_auth REQUIRED
acl filter url_regex "/etc/squid/banned"
#deny_info XANDER_ERR filter
acl all src 0.0.0.0
acl harr src 212.185.122.80
acl xpassword proxy_auth 
acl harrodian src 10.2.212.0/24
acl xander src 80.200.15.32/24
acl private src 192.168.5.0/24
http_access deny  filter
http_access allow harrodian 
http_access allow harr
http_access allow xander 
http_access allow webs 
http_access allow private 
http_access allow xpassword
# Stick a deny all in at the end or someone will abuse your proxy.
http_access deny all