PFSense - Squid - ACLs (Access Control Lists)

See Squid ACLs


todo

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl local_respmod src 127.0.0.1/32 type respmod

# ACL Local Network
#acl localnet src 192.168.1.0/24 # localnet 



# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

# Only allow cachemgr access from localhost
#http_access allow manager localhost
#http_access deny manager

http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all

icap_access allow local_respmod
icap_access allow localnet
icap_access deny  all