====== PFSense - Squid - ACLs (Access Control Lists) ====== See [[Squid:ACLs|Squid ACLs]] ---- todo acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl local_respmod src 127.0.0.1/32 type respmod # ACL Local Network #acl localnet src 192.168.1.0/24 # localnet # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines # Only allow cachemgr access from localhost #http_access allow manager localhost #http_access deny manager http_access allow localhost manager http_access deny manager http_access allow localnet http_access allow localhost http_access deny all icap_access allow local_respmod icap_access allow localnet icap_access deny all