Squid settings on Linux

EDITING IN /etc/squid/squid.conf

#               tproxy          Support Linux TPROXY for spoofing
#                               outgoing connections using the client
#                               IP address.
#
#       If you run Squid on a dual-homed machine with an internal
#       and an external interface we recommend you to specify the
#       internal address:port in http_port. This way Squid will only be
#       visible on the internal address.
#
# Squid normally listens to port 3128
http_port 3128

#       not needed for in-transit objects.
#
#       If circumstances require, this limit will be exceeded.
#       Specifically, if your incoming request rate requires more than
#       'cache_mem' of memory to hold in-transit objects, Squid will
#       exceed this limit to satisfy the new requests. When the load
#       decreases, blocks will be freed until the high-water mark is
#       reached. Thereafter, blocks will be used to store hot
#       objects.
#
#Default:
cache_mem 56 MB

#       transferring data from objects using the memory). In order to try
#       and maintain a good hit rate under load, COSS will reserve the last
#       2 full stripes for object hits. (ie a COSS cache_dir will reject
#       new objects when the number of full stripes is 2 less than maxfullbufs)
#
#       Common options:
#
#       read-only, this cache_dir is read only.
#
#       max-size=n, refers to the max object size this storedir supports.
#       It is used to initially choose the storedir to dump the object.
#       Note: To make optimal use of the max-size limits you should order
#       the cache_dir lines with the smallest max-size value first and the
#       ones with no max-size specification last.
#
#       Note that for coss, max-size must be less than COSS_MEMBUF_SZ
#       (hard coded at 1 MB).
#
#Default:
cache_dir ufs /var/spool/squid 100 16 256

#       By default, regular expressions are CASE-SENSITIVE. To make
#       them case-insensitive, use the -i option.
#
#       acl aclname src      ip-address/netmask ... (clients IP address)
#       acl aclname src      addr1-addr2/netmask ... (range of addresses)
#       acl aclname dst      ip-address/netmask ... (URL host's IP address)
#       acl aclname myip     ip-address/netmask ... (local socket IP address)
#
#       acl aclname arp      mac-address ... (xx:xx:xx:xx:xx:xx notation)
#         # The arp ACL requires the special configure option --enable-arp-acl.
#         # Furthermore, the arp ACL code is not portable to all operating systems.
#         # It works on Linux, Solaris, FreeBSD and some other *BSD variants.
#         #
#         # NOTE: Squid can only determine the MAC address for clients that are on
#         # the same subnet. If the client is on a different subnet, then Squid cannot
#         # find out its MAC address.
        acl localhost src ip/255.255.0.0

log_uses_indirect_client on

# TAG: http_access
#       Allowing or Denying access based on defined access lists
#
#       Access to the HTTP port:
#       http_access allow|deny [!]aclname ...
#
#       NOTE on default values:
#
#       If there are no "access" lines present, the default is to deny
#       the request.
#
#       If none of the "access" lines cause a match, the default is the
#       opposite of the last line in the list. If the last line was
#       deny, the default is allow. Conversely, if the last line
#       is allow, the default will be deny. For these reasons, it is a
#       good idea to have an "deny all" or "allow all" entry at the end
#       of your access lists to avoid potential confusion.
#
#Default:
http_access allow all

:wq