add bridging firewall stuff

- tested with a transparent squid proxy
- fix some minor other stuff
- not completely ready

1 files changed, 14 insertions, 25 deletions

diff --git a/package/squid/files/squid.conf b/package/squid/files/squid.conf
index 86ffa60c7..9e6571192 100644
--- a/package/squid/files/squid.conf
+++ b/package/squid/files/squid.conf
@@ -1,27 +1,16 @@
 visible_hostname linux
+# for transparent proxy use following
+# http_port 3128 transparent
 http_port 3128
-# acl
-acl manager proto cache_object
-acl localhost src 127.0.0.1/32
-acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
-acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
-acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
-acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
-acl SSL_ports port 443
-acl Safe_ports port 80		# http
-acl Safe_ports port 21		# ftp
-acl Safe_ports port 443		# https
-acl Safe_ports port 70		# gopher
-acl Safe_ports port 210		# wais
-acl Safe_ports port 1025-65535	# unregistered ports
-acl Safe_ports port 280		# http-mgmt
-acl Safe_ports port 488		# gss-http
-acl Safe_ports port 591		# filemaker
-acl Safe_ports port 777		# multiling http
-acl CONNECT method CONNECT
-http_access allow manager localhost
-http_access deny manager
-http_access deny !Safe_ports
-http_access deny CONNECT !SSL_ports
-http_access allow localnet
-http_access deny all
+pid_filename /var/run/squid.pid
+# logging
+access_log syslog
+cache_store_log none
+cache_log /var/log/squid-cache.log
+# security
+cache_effective_user squid
+cache_effective_group squid
+# cache dir
+cache_dir ufs /var/squid/cache 10M 16 256
+# allow all
+http_access allow all