#  TAG: acl

#     Defining an Access List

=============================

#Default:

# acl all src all

#

#Recommended minimum configuration:

acl manager proto cache_object

acl localhost src 127.0.0.1/

acl to_localhost dst 127.0.0.0/

#

# Example rule allowing access from your local networks.

# Adapt to list your (internal) IP networks from where browsing

# should be allowed

acl localnet src 10.0.0.0/   # RFC1918 possible internal network

acl localnet src 172.16.0.0/      # RFC1918 possible internal network

acl localnet src 192.168.0.0/     # RFC1918 possible internal network

#

acl SSL_ports port               <------ put port  here

acl Safe_ports port         # http

acl Safe_ports port         # ftp

acl Safe_ports port        # https

acl Safe_ports port         # gopher

acl Safe_ports port        # wais

acl Safe_ports port -      # unregistered ports

acl Safe_ports port        # http-mgmt

acl Safe_ports port        # gss-http

acl Safe_ports port        # filemaker

acl Safe_ports port        # multiling http

acl CONNECT method CONNECT

#  TAG: http_access

#     Allowing or Denying access based on defined access lists
 

#  TAG: always_direct

#     Usage: always_direct allow|deny [!]aclname ...

#

#     Here you can use ACL elements to specify requests which should

#     ALWAYS be forwarded by Squid to the origin servers without using

#     any peers.  For example, to always directly forward requests for

#     local servers ignoring any parents or siblings you may have use

#     something like:

#

#           acl local-servers dstdomain my.domain.net

#           always_direct allow local-servers

#

#     To always forward FTP requests directly, use

#

#           acl FTP proto FTP

#           always_direct allow FTP

#

#     NOTE: There is a similar, but opposite option named

#     'never_direct'.  You need to be aware that "always_direct deny

#     foo" is NOT the same thing as "never_direct allow foo".  You

#     may need to use a deny rule to exclude a more-specific case of

#     some other rule.  Example:

#

#           acl local-external dstdomain external.foo.net

#           acl local-servers dstdomain  .foo.net

#           always_direct deny local-external

#           always_direct allow local-servers

#

#     NOTE: If your goal is to make the client forward the request

#     directly to the origin server bypassing Squid then this needs

#     to be done in the client configuration. Squid configuration

#     can only tell Squid how Squid should fetch the object.

#

#     NOTE: This directive is not related to caching. The replies

#     is cached as usual even if you use always_direct. To not cache

#     the replies see no_cache.

#

#     This option replaces some v1. options such as local_domain

#     and local_ip.

#

#Default:

acl FTP proto FTP

always_direct allow FTP