{% extends 'squid/settings/index.html' %} {% block toolbar_network %}class="active"{%endblock%} {% block page_comment %}

Various global settings of Squid.

{% endblock %} {% block page_content %}
{% csrf_token %}
{% if form.non_field_errors %}
{% for error in form.non_field_errors %} {{ error|escape }} {% endfor %}
{% endif %}
{{form.explicit_address}}
{% if form.explicit_address.errors %} {{form.explicit_address.errors|striptags}} {% else %} Specify here the IP address Squid should be listening on for incoming requests. It is recommended to leave this field empty so that Squid will listen for incoming requests on all available network interfaces. {%endif%}
{{form.explicit_port}}
{% if form.explicit_port.errors %} {{form.explicit_port.errors|striptags}} {% else %} Specify port number Squid should be listening on. Default value 3128. Sometimes port 8080 is used instead. {%endif%}
{{form.proxy_hosts}}
{% if form.proxy_hosts.errors %} {{form.proxy_hosts.errors|striptags}} {% else %} Specify here the space separated list of IP addresses of trusted load balancers that will emit PROXY protocol headers on all connections to this node. By default the list is empty. This is a highly sensitive info. See Squid documentation for other security considerations. {%endif%}

Intercept Proxy Mode

{{form.intercept_mode}} {% if form.intercept_mode.errors %} {{form.intercept_mode.errors|striptags}} {% else %} Transparent proxy mode may be implemented in two ways. Choose between Cisco WCCP protocol redirection and Squid proxy running on default gateway. In any case both HTTP and HTTPS traffic can be filtered. Please note additional configuration steps need to be done on Cisco ASA/router or on system used as default gateway as explained in the online documentation. {%endif%}
{{form.intercept_address}}
{% if form.intercept_address.errors %} {{form.intercept_address.errors|striptags}} {% else %} Specify here the IP address Squid should be listening for incoming WCCP or default gateway intercepted requests. It is recommended to leave this field empty so that Squid will listen for incoming requests on all available network interfaces. {%endif%}
{{form.intercept_port_http}}
{% if form.intercept_port_http.errors %} {{form.intercept_port_http.errors|striptags}} {% else %} Specify port number Squid should be listening on for WCCP redirected or default intercepted HTTP requests. Default value 3126. This port MUST be different from intercept HTTPS port below and from explicit proxy port above. {%endif%}
{{form.intercept_port_https}}
{% if form.intercept_port_https.errors %} {{form.intercept_port_https.errors|striptags}} {% else %} Specify port number Squid should be listening on for WCCP redirected or default intercepted HTTPS requests. Default value 3127. This port MUST be different from intercept HTTP port and from explicit proxy port above. {%endif%}
{{form.wccp2_router}}
{% if form.wccp2_router.errors %} {{form.wccp2_router.errors|striptags}} {% else %} If using Cisco WCCP redirect mode, specify here the IP address of Cisco ASA firewall (Cisco router) that will redirect HTTP/HTTPS traffic using WCCPv2 protocol to this proxy instance. {%endif%}
{{form.wccp2_password}} {% if form.wccp2_password.errors %} {{form.wccp2_password.errors|striptags}} {% else %} Specify here the optional password to use for WCCP communications with the Cisco ASA / router. {%endif%}
{% if object.intercept_mode != 0 %}

Technical Note

{% if object.intercept_mode == 1 %}

You are using WCCP redirection of HTTP and HTTPS traffic using Cisco ASA/router. The following WCCP settings will be active in Squid configuration.

{{object.wccp2_conf_sample}}

{% else %} {% endif %}

Network ports Squid is listening on will be configured as the following.

{{object.network_conf_sample}}

{% endif %} {% endblock %}