4.8 How do I configure Squid to work behind a firewall? 

Note: The information here is current for version 2.2. 

If you are behind a firewall then you can't make direct connections to the outsi
de world, so you must use a parent cache. Squid doesn't use ICP
queries for a request if it's behind a firewall or if there is only one parent. 

You can use the never_direct access list in squid.conf to specify which requests
 must be forwarded to your parent cache outside the firewall. For
 example, if Squid can connect directly to all servers that end with mydomain.com
 , but must use the parent for all others, you would write: 

	 acl INSIDE dstdomain mydomain.com
		 never_direct deny INSIDE

 Note that the outside domains will not match the INSIDE acl. When there are no m
 atches, the default action is the opposite of the last action. Its as
 if there is an implicit never_direct allow all as the final rule. 

 You could also specify internal servers by IP address 

	 acl INSIDE_IP dst 1.2.3.4/24
	 never_direct deny INSIDE

 Note, however that when you use IP addresses, Squid must perform a DNS lookup to
 convert URL hostnames to an address. Your internal DNS
 servers may not be able to lookup external domains. 

 If you use never_direct and you have multiple parent caches, then you probably 
will want to mark one of them as a default choice in case Squid can't
 decide which one to use. That is done with the default keyword on a cache_peer l
 ine. For example: 

  cache_peer xyz.mydomain.com parent 3128 0 default

#
#
#
The bottom line is that I changed.... 
http_port to 8080
http_access alow all

I did NOT have to do the cockamamie crap they list above !

	<<<<<<<<<<< NOt on this machine >>>>>>>>>>>
 Found out the hard way that this machine is way to slow and NOT enough
 memory to run  squid on  ! ! !
+---------------
| The squid-2.3 configuration files have been installed in /etc/squid.
| Please view these files and change the configuration to meet your needs.
|
| The  errors and icons have been installed in /usr/local/share/squid.
| Please view these files and change them to meet your needs.
+---------------

NOTES ON OpenBSD POST-INSTALLATION OF SQUID 2.3
-----------------------------------------------

 ** An old squid.conf will not work with squid 2.3! **

 The local (OpenBSD) differences are:
 - configuration files are in            /etc/squid
 - sample configuration files are in     /usr/local/share/examples/squid/conf
 - error message files are in            /usr/local/share/squid/errors
 - sample error message files are in     /usr/local/share/examples/squid/errors
 - icons are in                          /usr/local/share/squid/icons
 - sample icons are in                   /usr/local/share/examples/squid/icons
 - the cache is in                       /var/squid/cache
 - logs are stored in                    /var/squid/logs
 - the ugid squid runs as is             www:www

 Please remember to initialize the cache by running "squid -z" before
 trying to run Squid for the first time.

 You can also edit /etc/rc.local so that Squid is started automatically:
     if [ -x /usr/local/bin/squid ]; then
	     echo -n ' squid';       /usr/local/bin/squid &
		 fi
#
#
#
#