Bump actions/cache from 4.2.2 to 4.2.3

Bumps [actions/cache](https://github.com/actions/cache) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4.2.2...v4.2.3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 4.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

.drone.yml

@@ -17,16 +17,20 @@ steps:
     username: b4tman
     password:
       from_secret: docker_password
+    config:
+      from_secret: docker_config
 - name: squid-armhf image for github packages
   image: plugins/docker
   settings:
-    repo: docker.pkg.github.com/b4tman/docker-squid/squid-armhf
+    repo: ghcr.io/b4tman/squid-armhf
     auto_tag: true
     pull_image: true
-    registry: docker.pkg.github.com
+    registry: ghcr.io
     username: b4tman
     password:
       from_secret: github_password
+    config:
+      from_secret: docker_config
 trigger:
   ref:
   - refs/tags/**

.github/FUNDING.yml

@@ -0,0 +1 @@
+custom: ['https://boosty.to/0xffff', 'https://www.donationalerts.com/r/b4tman1']

.github/dependabot.yml

@@ -1,8 +1,14 @@
 version: 2
 updates:
-- package-ecosystem: docker
-  directory: "/"
-  schedule:
-    interval: monthly
-    time: '02:00'
-  open-pull-requests-limit: 10
+  - package-ecosystem: docker
+    directory: "/"
+    schedule:
+      interval: monthly
+      time: "02:00"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: monthly
+      time: "03:00"

.github/workflows/dockerimage.yml

@@ -4,80 +4,230 @@ on:
   push:
     # Publish `master` as Docker `latest` image.
     branches:
-      - master
-    
+      - master
+      - v5
+
     # Publish `v1.2.3` tags as releases.
     tags:
       - v*
-  
-  # Run tests for any PRs.
+
+  # Run tests for PRs to `master` branch.
   pull_request:
-  
+    branches:
+      - "master"
+
+env:
+  TEST_TAG: b4tman/squid:test
+
 jobs:
-  test: 
-    runs-on: ubuntu-18.04
+  test:
+    runs-on: ubuntu-20.04
     steps:
-    - uses: actions/checkout@v2
-    
-    - name: Build squid image
-      run: docker build . --file Dockerfile --tag b4tman/squid
-    
-    - name: Test image
-      run: docker-compose -f docker-compose.test.yml up sut
-    
-    - name: Build 'ssl-bump' image
-      run: docker build ssl-bump --tag b4tman/squid:ssl-bump
-  
+      - uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: b4tman
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Cache Docker layers
+        uses: actions/cache@v4.2.3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Build squid image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: false
+          load: true # automatically load the single-platform build result to docker images
+          tags: ${{ env.TEST_TAG }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      - name: Test image
+        run: |
+          set -ex
+          docker compose -f docker-compose.test.yml up --pull never sut --exit-code-from sut
+          docker compose -f docker-compose.test.yml down
+
+      - name: set base image for 'ssl-bump'
+        run: |
+          sed -i "s%FROM b4tman/squid%FROM $TEST_TAG%" ssl-bump/Dockerfile
+      
+      - name: Build 'ssl-bump' image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: false
+          load: true
+          tags: ${{ env.TEST_TAG }}-ssl-bump
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+          
+      - name: Test 'ssl-bump' image
+        run: |
+          set -ex
+          TEST_TAG="${TEST_TAG}-ssl-bump" docker compose -f docker-compose.test.yml up --pull never sut --exit-code-from sut
+          docker compose -f docker-compose.test.yml down
   push:
     needs: test
-    runs-on: ubuntu-18.04
-    if: github.event_name == 'push'
+    runs-on: ubuntu-20.04
+    if: github.event_name != 'pull_request'
     steps:
-    - uses: actions/checkout@v2
-    
-    - name: Build squid image
-      run: docker build . --file Dockerfile --tag b4tman/squid
-    
-    - name: Build 'ssl-bump' image
-      run: docker build ssl-bump --tag b4tman/squid:ssl-bump
-    
-    - name: Log into registry
-      run: echo "${{ secrets.GITHUB_PKGS_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
-    
-    - name: Push squid image
-      run: |
-        IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/squid
-      
-        # Strip git ref prefix from version
-        VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-      
-        # Strip "v" prefix from tag name
-        [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-      
-        # Use Docker `latest` tag convention
-        [ "$VERSION" == "master" ] && VERSION=latest
-      
-        echo IMAGE_ID=$IMAGE_ID
-        echo VERSION=$VERSION
-      
-        docker tag b4tman/squid $IMAGE_ID:$VERSION
-        docker push $IMAGE_ID:$VERSION
-    
-    - name: Push 'ssl-bump' image
-      run: |
-        IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/ssl-bump
-      
-        # Strip git ref prefix from version
-        VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-      
-        # Strip "v" prefix from tag name
-        [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-      
-        # Use Docker `latest` tag convention
-        [ "$VERSION" == "master" ] && VERSION=latest
-      
-        echo IMAGE_ID=$IMAGE_ID
-        echo VERSION=$VERSION
-      
-        docker tag b4tman/squid:ssl-bump $IMAGE_ID:$VERSION
-        docker push $IMAGE_ID:$VERSION
+      - uses: actions/checkout@v4
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            b4tman/squid
+            ghcr.io/b4tman/squid
+          flavor: |
+            latest=${{ github.ref == 'refs/heads/master' }}
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Docker meta (ssl-bump)
+        id: meta_ssl_bump
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            b4tman/squid
+            ghcr.io/b4tman/squid
+          flavor: |
+            latest=false
+            suffix=-ssl-bump
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Docker meta (ssl-bump ghcr)
+        id: meta_ssl_bump_ghcr
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/b4tman/squid-ssl-bump
+          flavor: |
+            latest=${{ github.ref == 'refs/heads/master' }}
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Cache Docker layers
+        uses: actions/cache@v4.2.3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: b4tman
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.CR_PAT }}
+
+      - name: Build squid image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          platforms: linux/amd64,linux/arm/v7
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      - name: Build 'ssl-bump' image
+        uses: docker/build-push-action@v6
+        with:
+          context: ssl-bump
+          push: true
+          file: ssl-bump/Dockerfile
+          platforms: linux/amd64,linux/arm/v7
+          tags: ${{ steps.meta_ssl_bump.outputs.tags }}
+          labels: ${{ steps.meta_ssl_bump.outputs.labels }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      - name: Build 'ssl-bump' image for ghcr
+        uses: docker/build-push-action@v6
+        with:
+          context: ssl-bump
+          push: true
+          file: ssl-bump/Dockerfile
+          platforms: linux/amd64,linux/arm/v7
+          tags: ${{ steps.meta_ssl_bump_ghcr.outputs.tags }}
+          labels: ${{ steps.meta_ssl_bump_ghcr.outputs.labels }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

.github/workflows/stale.yml

@@ -0,0 +1,28 @@
+# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time.
+#
+# You can adjust the behavior by modifying this file.
+# For more information, see:
+# https://github.com/actions/stale
+name: Mark stale issues and pull requests
+
+on:
+  schedule:
+  - cron: '0 1 * * *'
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+
+    steps:
+    - uses: actions/stale@v9
+      with:
+        days-before-stale: 182
+        days-before-close: 7
+        stale-issue-message: 'Marking stale due to inactivity. Remove stale label or comment or this will be closed in 7 days.'
+        close-issue-message: 'Closing due to inactivity.'
+        stale-pr-message: 'Marking stale due to inactivity. Remove stale label or comment or this will be closed in 7 days.'
+        close-pr-message: 'Closing due to inactivity.'

Dockerfile

@@ -1,7 +1,6 @@
-FROM alpine:3.12.0 as build
+FROM alpine:3.21.3 as build
 
-ENV SQUID_VER 4.13
-ENV SQUID_SIG_KEY B06884EDB779C89B044E64E3CD6DBF8EF3B17D3E
+ARG SQUID_VER=6.13
 
 RUN set -x && \
 	apk add --no-cache  \
@@ -10,7 +9,8 @@ RUN set -x && \
 		libc-dev \
 		curl \
 		gnupg \
-		libressl-dev \
+		openssl-dev \
+		openssl-libs-static \
 		perl-dev \
 		autoconf \
 		automake \
@@ -21,34 +21,33 @@ RUN set -x && \
 		libcap-dev \
 		linux-headers
 
+WORKDIR /tmp/build
+
 RUN set -x && \
-	mkdir -p /tmp/build && \
-	cd /tmp/build && \
-    curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz -o squid-${SQUID_VER}.tar.gz && \
-	curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz.asc -o squid-${SQUID_VER}.tar.gz.asc
-	
+	curl -fSsL "https://github.com/squid-cache/squid/releases/download/SQUID_${SQUID_VER//./_}/squid-${SQUID_VER}.tar.gz" -o squid-${SQUID_VER}.tar.gz && \
+	curl -fSsL "https://github.com/squid-cache/squid/releases/download/SQUID_${SQUID_VER//./_}/squid-${SQUID_VER}.tar.gz.asc" -o squid-${SQUID_VER}.tar.gz.asc
+
+COPY squid-keys.asc /tmp/build
+
 RUN set -x && \
-	cd /tmp/build && \
-	export GNUPGHOME="$(mktemp -d)" && \
-	( \
-	 gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys ${SQUID_SIG_KEY} || \
-     gpg --keyserver hkp://ipv4.pool.sks-keyservers.net   --recv-keys ${SQUID_SIG_KEY} ||  \
-     gpg --keyserver hkp://pgp.mit.edu:80                 --recv-keys ${SQUID_SIG_KEY} \
-	) && \
+	GNUPGHOME="$(mktemp -d)" && \
+	export GNUPGHOME && \
+	gpg --import squid-keys.asc && \
 	gpg --batch --verify squid-${SQUID_VER}.tar.gz.asc squid-${SQUID_VER}.tar.gz && \
 	rm -rf "$GNUPGHOME"
-	
+
 RUN set -x && \
-	cd /tmp/build && \	
 	tar --strip 1 -xzf squid-${SQUID_VER}.tar.gz && \
 	\
+	MACHINE=$(uname -m) && \
+	\
 	CFLAGS="-g0 -O2" \
 	CXXFLAGS="-g0 -O2" \
 	LDFLAGS="-s" \
 	\
 	./configure \
-		--build="$(uname -m)" \
-		--host="$(uname -m)" \
+		--build="$MACHINE" \
+		--host="$MACHINE" \
 		--prefix=/usr \
 		--datadir=/usr/share/squid \
 		--sysconfdir=/etc/squid \
@@ -59,7 +58,8 @@ RUN set -x && \
 		--disable-arch-native \
 		--enable-removal-policies="lru,heap" \
 		--enable-auth-digest \
-		--enable-auth-basic="getpwnam,NCSA" \
+		--enable-auth-basic="getpwnam,NCSA,DB,RADIUS" \
+		--enable-basic-auth-helpers="DB" \
 		--enable-epoll \
 		--enable-external-acl-helpers="file_userip,unix_group,wbinfo_group" \
 		--enable-auth-ntlm="fake" \
@@ -86,7 +86,7 @@ RUN set -x && \
 		--enable-storeio="diskd rock" \
 		--enable-ipv6 \
 		--enable-translation \
-		--disable-snmp \
+		--enable-snmp \
 		--disable-dependency-tracking \
 		--with-large-files \
 		--with-default-user=squid \
@@ -94,15 +94,19 @@ RUN set -x && \
 		--with-pidfile=/var/run/squid/squid.pid
 
 RUN set -x && \
-	cd /tmp/build && \
-	nproc=$(n=$(nproc) ; max_n=6 ; [ $n -le $max_n ] && echo $n || echo $max_n) && \
+	nproc=$(n=$(nproc) ; max_n=6 ; echo $(( n <= max_n ? n : max_n )) ) && \
 	make -j $nproc && \
 	make install
-
-RUN sed -i '1s;^;include /etc/squid/conf.d/*.conf\n;' /etc/squid/squid.conf
-RUN echo 'include /etc/squid/conf.d.tail/*.conf' >> /etc/squid/squid.conf
 
-FROM alpine:3.12.0
+WORKDIR /tmp/build/tools/squidclient
+RUN make && make install-strip
+
+RUN sed -i '1s;^;include /etc/squid/conf.d/*.conf\n;' /etc/squid/squid.conf && \
+	echo 'include /etc/squid/conf.d.tail/*.conf' >> /etc/squid/squid.conf
+
+# --- --- --- --- --- --- --- --- ---
+
+FROM alpine:3.21.3
 	
 ENV SQUID_CONFIG_FILE /etc/squid/squid.conf
 ENV TZ Europe/Moscow
@@ -115,35 +119,31 @@ RUN apk add --no-cache \
 		libstdc++ \
 		heimdal-libs \
 		libcap \
-		libressl3.1-libcrypto \
-		libressl3.1-libssl \
-		libltdl	
+		libltdl \
+		tzdata
 
 COPY --from=build /etc/squid/ /etc/squid/
 COPY --from=build /usr/lib/squid/ /usr/lib/squid/
 COPY --from=build /usr/share/squid/ /usr/share/squid/
 COPY --from=build /usr/sbin/squid /usr/sbin/squid
-		
+COPY --from=build /usr/bin/squidclient /usr/bin/squidclient
+
+COPY --chmod=755 run.sh /
+
 RUN install -d -o squid -g squid \
 		/var/cache/squid \
 		/var/log/squid \
 		/var/run/squid && \
-	chmod +x /usr/lib/squid/*
-	
-RUN install -d -m 755 -o squid -g squid \
+	chmod +x /usr/lib/squid/* && \
+	install -d -m 755 -o squid -g squid \
 		/etc/squid/conf.d \
-		/etc/squid/conf.d.tail
-RUN touch /etc/squid/conf.d/placeholder.conf 
+		/etc/squid/conf.d.tail && \
+	touch /etc/squid/conf.d/placeholder.conf
 COPY squid-log.conf /etc/squid/conf.d.tail/
 
-RUN	set -x && \
-	apk add --no-cache --virtual .tz alpine-conf tzdata && \ 
-	/sbin/setup-timezone -z $TZ && \
-	apk del .tz 	
-	
-VOLUME ["/var/cache/squid"]	
+VOLUME ["/var/cache/squid"]
 EXPOSE 3128/tcp
 
 USER squid
 
-CMD ["sh", "-c", "/usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -z && exec /usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -YCd 1"]
+CMD ["/run.sh"]

README.md

@@ -1,12 +1,17 @@
-[![Drone Build Status](https://cloud.drone.io/api/badges/b4tman/docker-squid/status.svg?ref=refs/heads/master)](https://cloud.drone.io/b4tman/docker-squid)
-![Docker Build Status](https://img.shields.io/docker/build/b4tman/squid)
 ![Docker Image CI Status](https://github.com/b4tman/docker-squid/workflows/Docker%20Image%20CI/badge.svg)
 
 # docker-squid
 
 Docker Squid container based on Alpine Linux.
 
-Automated builds of the image are available on [Dockerhub](https://hub.docker.com/r/b4tman/squid).
+Automated builds of the image are available on:
+
+- DockerHub:
+  - [b4tman/squid](https://hub.docker.com/r/b4tman/squid)
+- Github:
+  - [ghcr.io/b4tman/squid](https://github.com/users/b4tman/packages/container/package/squid)
+  - [ghcr.io/b4tman/squid-armhf](https://github.com/users/b4tman/packages/container/package/squid-armhf)
+  - [ghcr.io/b4tman/squid-ssl-bump](https://github.com/users/b4tman/packages/container/package/squid-ssl-bump)
 
 # Quick Start
 
@@ -29,7 +34,6 @@ docker-compose up
 
 - **SQUID_CONFIG_FILE**: Specify the configuration file for squid. Defaults to `/etc/squid/squid.conf`.
 
-
 ## Example:
 
 ```bash
@@ -39,4 +43,4 @@ docker run -p 3128:3128 \
 	b4tman/squid
 ```
 
-This will start a squid container with your config file `/srv/docker/squid/squid.conf`. 
+This will start a squid container with your config file `/srv/docker/squid/squid.conf`.

docker-compose.test.yml

@@ -1,11 +1,20 @@
-version: '2'
+version: '2.3'
 services:
   proxy:
-    build: .
+    image: "${TEST_TAG}"
+    volumes:
+      - './test_localnet.conf:/etc/squid/conf.d/test_localnet.conf:ro'
+    healthcheck:
+      test: ["CMD", "sh", "-exc", "squidclient -T 3 mgr:info 2> /dev/null | grep -qF '200 OK'"]
+      interval: 5s
+      timeout: 3s
+      retries: 5
+      start_period: 1s
   sut:
-    image: alpine:3.10.1
+    image: "${TEST_TAG}"
     links: 
       - proxy
     depends_on:
       - proxy
-    command: sh -exc "apk add --update curl && sleep 5 && exec curl --proxy http://proxy:3128 -I http://google.com/"
+    command: sh -exc "sleep 10 && squidclient -h proxy -T 3 'https://postman-echo.com/get?squidtest=ok' 2> /dev/null | grep -qF '200 OK'"
+

run.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -x
+
+# force remove pid
+if [ -e /var/run/squid/squid.pid ]; then
+	rm -f /var/run/squid/squid.pid
+fi
+
+# init cache
+/usr/sbin/squid -f "${SQUID_CONFIG_FILE}" --foreground -z
+
+# run squid
+exec /usr/sbin/squid -f "${SQUID_CONFIG_FILE}" --foreground -YCd 1

ssl-bump/Dockerfile

@@ -1,4 +1,9 @@
 FROM b4tman/squid
 
+COPY run.sh /
 USER root
-CMD ["sh", "-c", "(test -d /var/cache/squid/ssl_db || /usr/lib/squid/security_file_certgen -c -s /var/cache/squid/ssl_db -M 4MB) && /usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -z && exec /usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -YCd 1"]
+RUN chmod 755 /run.sh
+
+USER squid
+
+CMD ["/run.sh"]

ssl-bump/run.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -x
+
+# init ssl_db
+if [ ! -d /var/cache/squid/ssl_db ]; then
+	/usr/lib/squid/security_file_certgen -c -s /var/cache/squid/ssl_db -M 4MB
+fi
+
+# init cache
+/usr/sbin/squid -f "${SQUID_CONFIG_FILE}" --foreground -z
+
+# run squid
+exec /usr/sbin/squid -f "${SQUID_CONFIG_FILE}" --foreground -YCd 1

test_localnet.conf

@@ -0,0 +1,11 @@
+acl localnet1 src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
+acl localnet1 src 10.0.0.0/8            # RFC 1918 local private network (LAN)
+acl localnet1 src 100.64.0.0/10         # RFC 6598 shared address space (CGN)
+acl localnet1 src 169.254.0.0/16        # RFC 3927 link-local (directly plugged) machines
+acl localnet1 src 172.16.0.0/12         # RFC 1918 local private network (LAN)
+acl localnet1 src 192.168.0.0/16                # RFC 1918 local private network (LAN)
+acl localnet1 src fc00::/7              # RFC 4193 local private network range
+acl localnet1 src fe80::/10             # RFC 4291 link-local (directly plugged) machines
+
+http_access allow localnet1
+http_access allow localhost manager