Squid currently has about 200 configuration options where actually ± 60 options are used by IPFire. If individual configurations not available in the WUI should be added, don't use /etc/squid/squid.conf because it would be overwritten by changes on the WUI. For this purpose, there is a complementary configuration file:
/var/ipfire/proxy/advanced/acls/include.acl
Entries in this file will update the /etc/squid/squid.conf, with the individual configuration placed in between the two commented lines:
#Start of custom includes
#End of custom includes
after a save and restart over the Squid WUI. The use of the WUI is necessary, as a simple restart of squid over the console will not propagate the entry to squid.conf.
Here you can find two examples of how to use the manual configuration of squid.conf and how you can control the proxy in ways that are not possible with the WUI. The following code will show the resulting changes in squid.conf. Remember, add your lines in
/var/ipfire/proxy/advanced/acls/include.acl
without:
#Start of custom includes
#End of custom includes
as those are automatically created in squid.conf by the cgi script operating behind the WUI.
Example entry in the squid.conf file for a supplementary log:
#Start of custom includes
# Error cache log
cache_store_log /var/log/squid/cache_store.log
#End of custom includes
Example entry in the squid.conf file to deny to the blue network access to the IPFire machine :
#Start of custom includes
# deny blue network access to IPFire
http_access deny IPFire_blue_network IPFire_ips
#End of custom includes
Older Revisions • April 20 at 4:24 pm • Jon