http_port 8080 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT cache_log /opt/squid/log/cache.log mime_table /opt//squid/conf/mime.conf unlinkd_program /opt/squid/lib/unlinkd error_directory /opt/squid/errors cache_dir ufs /opt/squid/spool 100 16 256 pid_filename /opt/squid/run/pssquid.pid icap_session_context_tag_name ICAP-Session-Info cache_effective_user squid cache_effective_group squid http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow all icp_access allow all visible_hostname squid cache_access_log /dev/null cache_store_log none debug_options ALL,1 # ICAP icap_enable on icap_preview_enable off icap_send_client_ip on icap_service s1 reqmod_precache 0 icap://127.0.0.1:1344/reqmod icap_service s1 respmod_precache 0 icap://127.0.0.1:1345/respmod icap_class c1 s1 icap_check_interval 10 acl HTTP proto HTTP acl GET method GET acl POST method POST icap_access c1 allow HTTP GET ##### in case icap req mod replay has "X-Response-Info: Please_Reply_directlly" ##### then direct reply (without calling in resp mod) will be activated for that ##### session, note that other values wont activate this feature. icap_req_mod_direct_reply on icap_req_mod_direct_reply_resp_info_tag_name X-Response-Info icap_req_mod_direct_reply_values Please_Reply_directlly #### this tag name is used as context, for ICAP server to pass information, #### through the client from req to res mod. #### Note that this value should be HTTP header safe, recommend base64 encoded icap_session_context_tag_name ICAP-Session-Info