Squid offers approximately 200 configuration options, out of which around 60 are utilized by IPFire. If you wish to add individual configurations not available in the Web User Interface (WUI), avoid editing /etc/squid/squid.conf directly as changes in the WUI will overwrite it. Instead, use the following complementary configuration file:
/var/ipfire/proxy/advanced/acls/include.acl
The entries in this file will be propagated to /etc/squid/squid.conf upon saving and restarting via the Squid WUI. This will place your custom configuration within these two commented lines:
#Start of custom includes
#End of custom includes
Please note that a simple restart of Squid via the console will not propagate your custom configurations to squid.conf. The use of the WUI is necessary for this propagation.
Examples of squid.conf custom modification
The following examples demonstrate how to manually configure squid.conf, providing control over the proxy in ways the WUI does not permit. The provided code reflects the resulting changes in squid.conf. Remember to add your custom lines to:
/var/ipfire/proxy/advanced/acls/include.acl
Do not include:
#Start of custom includes
#End of custom includes
These lines are automatically generated in squid.conf by the CGI script operating behind the WUI.
Here is an example of how to add a supplementary log to the squid.conf file:
#Start of custom includes
# Error cache log
cache_store_log /var/log/squid/cache_store.log
#End of custom includes
To deny the Blue network's access to the IPFire machine, add the following entry into the squid.conf file:
#Start of custom includes
# deny to the Blue network access to IPFire
http_access deny IPFire_blue_network IPFire_ips
#End of custom includes