From HerzbubeWiki
Jump to: navigation, search

Debian packages



Debian article for configuring squid






The main configuration file for squid is


Another configuration file which I am going to ignore because it contains irrelevant settings


By default, squid is listening on port 3128, on all interfaces. I want it to listen on port 8080, and only on interfaces that receive outgoing HTTP connections. This is what it looks like:


(note that squid does not listen for https connections by default, and I also don't want it to cache those)

Allow access from the localhost and the network:

acl localhost src
acl our_networks src
http_access allow localhost
http_access allow our_networks

(the localhost rules were already present in the default configuration; the default configuration also contains many more rules which are not listed here)

Administrative information:

cache_mgr webmaster@herzbube.ch

The Debian Administration article mentions a couple of options whose names begin with "httpd_accel". I could not find these options in the default configuration, nor was I able to find out conclusively why they are missing, what their purpose is, etc. The only hint I got so far is this FAQ entry on the Squid homepage which clarifies the terms "accelerator" and "proxy cache". It seems that what I want to do is not an accelerator, so for the moment I am going to ignore the options discusssed in the Debian article since they all seem to refer to accelerator stuff.

Transparent proxying

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port