include /etc/squid/conf.d/*.conf

shutdown_lifetime 10 seconds

acl private_network src fe80::/10			# rfc 4291 link local (ipv6)
acl private_network src 169.254.0.0/16			# rfc 3927 link local (ipv4)
acl private_network src fc00::/7			# rfc 4193 unique local (ipv6)
acl private_network src 10.0.0.0/8			# rfc 1918 private (ipv4)
acl private_network src 172.16.0.0/12			# rfc 1918 private (ipv4)
acl private_network src 192.168.0.0/16			# rfc 1918 private (ipv4)

acl safe_ports port 80			# http
acl safe_ports port 443			# https

acl secure_ports port 443

http_access deny !safe_ports
http_access deny CONNECT !secure_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access allow private_network
http_access deny to_localhost
http_access deny to_linklocal
http_access deny all

#ssl_bump splice localhost
ssl_bump bump all

#http_port 3128
https_port 3128 tls-cert=fullchain.pem tls-key=privkey.pem

coredump_dir /var/spool/squid
cache_dir aufs /var/spool/squid 64000 16 256