## listen on TCP 3128
http_port 3128

## Prevent caching anything (pass through only)
cache deny all

## Allow all connections.
http_access allow all

## Where does Squid log to?
cache_store_log none
cache_log /dev/null
access_log daemon:/var/log/squid/access.log squid
access_log syslog:user.info squid

## When logging, web auditors want to see the full uri, even with the query terms
strip_query_terms off

## Keep 7 days of logs
logfile_rotate 7

## How much RAM, in MB, to use for cache? Default since squid 3.1 is 256 MB
cache_mem 8 MB

## Maximum size of individual objects to store in cache
maximum_object_size 1 MB

## Amount of data to buffer from server to client
read_ahead_gap 64 KB

## Number of file descriptors to support (default is 2**20 which takes up ~408 MB of memory)
max_filedescriptors 65536

## Drop X-Forwarded-For headers
forwarded_for delete

## Suppress sending squid version information
httpd_suppress_version_string on

## How long to wait when shutting down squid
shutdown_lifetime 10 seconds

## What hostname to display? (defaults to system hostname)
visible_hostname proxy

## Drop some response headers that Squid normally adds (just being paranoid here)
reply_header_access Server deny all
reply_header_access Via deny all
reply_header_access X-Cache deny all
reply_header_access X-Cache-Lookup deny all
reply_header_access X-Squid-Error deny all

## Drop denied connections with just a TCP reset (no error page that might leak info)
deny_info TCP_RESET all

dns_v4_first off