Squid Proxy

- Project site: https://www.squid-cache.org/
- PAC function reference: https://pactester.brdbnt.com/pacfunctions.html

docker-compose.yml
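# Compose project that runs a single Squid forward-proxy container.
# Nesting below is restored from a listing that had lost its indentation; values are unchanged
# apart from quoting the port mappings.
name: core-squid
services:
  squid:
    # NOTE(review): `latest` is a mutable tag, so the image actually run can change from one pull
    # to the next. Pin a specific tag or digest once one has been chosen and tested.
    image: ubuntu/squid:latest
    container_name: squid
    hostname: squid
    networks:
      - proxy
    # Resolvers used inside the container. 172.22.20.1 is a private address (presumably a local
    # resolver; confirm). The other three are public resolvers, so names looked up on behalf of
    # proxy clients are visible to those operators whenever the first entry does not answer.
    dns:
      - 172.22.20.1
      - 94.140.14.14
      - 94.140.16.15
      - 8.8.8.8
    # Format is HOST_IP:HOST_PORT:CONTAINER_PORT; quoted so the value is always read as a string.
    # 149.202.72.112 is not an RFC 1918 address, so that listener is presumably reachable from the
    # internet and access control rests entirely on Squid ACLs and host filtering.
    # NOTE(review): Docker-published ports are forwarded, not delivered to the host's INPUT chain;
    # confirm the rule that matches the squid_allowed ipset is placed where it sees this traffic
    # (for example the DOCKER-USER chain).
    ports:
      - "149.202.72.112:3128:3128"
      - "172.22.20.1:3128:3128"
      - "100.100.69.2:3129:3128"
    volumes:
      # Writable from inside the container: the Squid configuration directory itself.
      # NOTE(review): mount read-only if Squid does not need to write here.
      - ./config/etc:/etc/squid
      # Shared ACL lists (whitelist.ip is maintained by check-whitelist.sh); read-only in the container.
      - ./config/shared-acl-lists:/acl:ro
      #- /etc/svc/config/squid/pid:/run/squid
      - ./config/logs:/var/log/squid
      - ./config/cache:/var/spool/squid
      # Host path bind mount: the pid file written here outlives the container.
      - /run/squid:/run/squid
    environment:
      # NOTE(review): PUID/PGID and VIRTUAL_HOST/VIRTUAL_PORT are conventions of other images and
      # of reverse-proxy companions; confirm that this image or something on the `proxy` network
      # actually reads them. If a reverse proxy does publish these hostnames, that is one more
      # path to port 3128 that the allow-list has to cover.
      - PUID=666
      - PGID=666
      - VIRTUAL_HOST=squid.uptime.pknw1.co.uk,squid.notflix.pknw1.co.uk,squid.admin.pknw1.co.uk
      - VIRTUAL_PORT=3128
    # Healthy means only "the pid file exists". Because /run/squid is a host bind mount, a stale
    # pid file left by a crashed process also passes; the check does not prove Squid is listening.
    healthcheck:
      test: ["CMD-SHELL", "test -f /run/squid/squid.pid"]
      interval: 10s
      timeout: 5s
      retries: 5
networks:
  proxy:
    external: true
  # Declared here but not attached to the squid service above.
  admin:
    external: true
x-dockge:
  urls:
    - some info
    - ""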
check-whitelist.sh
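#!/bin/bash
#
# check-whitelist.sh - keep the squid_allowed ipset and the Squid whitelist file in step.
#
#   add <ip>   add the address to the ipset and append <ip>/32 to the whitelist file
#   del <ip>   remove the address from the ipset and from the whitelist file
#   check      compare the two; print "OK" or a diff of their members
#   save       dump all ipsets to /etc/ipset.conf
#   restore    load ipsets from /etc/ipset.conf
#
# ipset changes kernel state, so this has to run as root (CAP_NET_ADMIN). For that reason the
# script validates its argument strictly and never writes to a predictable path under /tmp.

SET_NAME=squid_allowed
WHITELIST=/home/apps/core/squid/config/shared-acl-lists/whitelist.ip
IPSET_CONF=/etc/ipset.conf

# Strict dotted-quad IPv4, each octet 0-255 with no leading zeros. Rejecting everything else keeps
# option-like strings, whitespace and regex metacharacters out of ipset, grep and the ACL file.
IPV4_RE='^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])$'

# Exit with status 1 unless $1 is a well-formed IPv4 address.
require_ipv4() {
    if ! [[ $1 =~ $IPV4_RE ]]; then
        echo "invalid IPv4 address: '$1'" >&2
        exit 1
    fi
}

# Succeed when the whitelist has a line that is exactly <ip> or <ip>/32.
# -F -x compares whole lines literally: an unanchored regex match would let 1.2.3.4 match
# 11.2.3.40, so an add could be skipped or a del could drop somebody else's entry.
in_whitelist() {
    grep -Fxq -e "$1" -e "$1/32" -- "$WHITELIST"
}

case "${1:-}" in
    "add")
        IP=${2:-}
        require_ipv4 "$IP"
        # -exist makes the add a no-op when the entry is already present.
        ipset -exist add "$SET_NAME" "$IP"
        if ! in_whitelist "$IP"; then
            echo "$IP/32" >> "$WHITELIST"
        fi
        ;;
    "del")
        # The original branch never read the argument and called `ipset add`, so a delete left
        # the address allowed; read $2 here and really remove it.
        IP=${2:-}
        require_ipv4 "$IP"
        ipset -exist del "$SET_NAME" "$IP"
        if in_whitelist "$IP"; then
            # mktemp gives an unpredictable, exclusively created file. A fixed name in /tmp can be
            # pre-created (for example as a symlink) by any local user before root writes to it.
            TMP=$(mktemp) || exit 1
            trap 'rm -f "$TMP"' EXIT
            grep -Fxv -e "$IP" -e "$IP/32" -- "$WHITELIST" > "$TMP"
            # grep exits 1 when nothing is left, which is fine; above 1 is a real error, and
            # copying the result back then would truncate the whitelist.
            if (( $? > 1 )); then
                echo "could not filter $WHITELIST; leaving it unchanged" >&2
                exit 1
            fi
            # Overwrite in place so the file keeps its owner and mode.
            cat "$TMP" > "$WHITELIST"
        fi
        ;;
    "check")
        IPSET=$(ipset list "$SET_NAME" | awk -F': *' '/^Number of entries/ {print $2}')
        IPSET=${IPSET:-0}   # no count line (set missing, ipset failed) is treated as 0 entries
        LIST=$(wc -l < "$WHITELIST")
        echo "$IPSET" "$LIST"
        if [[ $IPSET -eq $LIST ]]; then
            echo "OK"
        else
            # Compare members only: everything after the "Members:" line of `ipset list` against
            # the whitelist with its /prefix stripped. The set name was misspelled here before, and
            # the header lines were part of the comparison. Process substitution replaces the
            # fixed /tmp/ipset and /tmp/list files.
            diff <(ipset list "$SET_NAME" | awk 'seen; /^Members:/ {seen = 1}' | sort -u) \
                 <(awk -F/ '{print $1}' "$WHITELIST" | sort -u)
        fi
        ;;
    "save")
        ipset save > "$IPSET_CONF"
        ;;
    "restore")
        ipset restore < "$IPSET_CONF"
        ;;
    *)
        # NOTE(review): `init` is listed below but no branch implements it; it lands here.
        cat <<EOF
add <ip>
del <ip>
check
save
restore
init
EOF
        ;;
esac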