MisterFixx/squid.conf

## squid.conf
#Access rules cluster, here, we define that squid will only accept connections from within the machine (localhost/127.0.0.1)
#Also here we define which IP will be used to make the outgoing request depending on which port the client connected to squid.
#We intentionally avoid using Squid's default port (3128) to avoid various port scanning bots discovering our squid instance and trying to use it for various malicious purposes.
#This is just an extra safeguard, you should still block all of squid's port from public access via your firewall.
#We learned this through the hard way. (https://misterfix.io/i/490823964394917888.png)

#Replace these IP's which the IP's assigned to your machine.
acl 3129 myportname 3129 src 127.0.0.1
http_access allow 3129
tcp_outgoing_address 1.1.1.1 3129

acl 3130 myportname 3130 src 127.0.0.1
http_access allow 3130
tcp_outgoing_address 2.2.2.2 3130

acl 3131 myportname 3131 src 127.0.0.1
http_access allow 3131
tcp_outgoing_address 3.3.3.3 3131

acl 3132 myportname 3132 src 127.0.0.1
http_access allow 3132
tcp_outgoing_address 4.4.4.4 3132

acl 3133 myportname 3133 src 127.0.0.1
http_access allow 3133
tcp_outgoing_address 5.5.5.5 3133

#If none if the access rules matched the connection, we deny it.
http_access deny all

#Defining all the various ports on which the squid instance will listen to connections on.
http_port 3129
http_port 3130
http_port 3131
http_port 3132
http_port 3133

# Make this proxy anonymous, it will make all services think
# it is the originating IP of the requests
forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
	#Access rules cluster, here, we define that squid will only accept connections from within the machine (localhost/127.0.0.1)
	#Also here we define which IP will be used to make the outgoing request depending on which port the client connected to squid.
	#We intentionally avoid using Squid's default port (3128) to avoid various port scanning bots discovering our squid instance and trying to use it for various malicious purposes.
	#This is just an extra safeguard, you should still block all of squid's port from public access via your firewall.
	#We learned this through the hard way. (https://misterfix.io/i/490823964394917888.png)

	#Replace these IP's which the IP's assigned to your machine.
	acl 3129 myportname 3129 src 127.0.0.1
	http_access allow 3129
	tcp_outgoing_address 1.1.1.1 3129

	acl 3130 myportname 3130 src 127.0.0.1
	http_access allow 3130
	tcp_outgoing_address 2.2.2.2 3130

	acl 3131 myportname 3131 src 127.0.0.1
	http_access allow 3131
	tcp_outgoing_address 3.3.3.3 3131

	acl 3132 myportname 3132 src 127.0.0.1
	http_access allow 3132
	tcp_outgoing_address 4.4.4.4 3132

	acl 3133 myportname 3133 src 127.0.0.1
	http_access allow 3133
	tcp_outgoing_address 5.5.5.5 3133

	#If none if the access rules matched the connection, we deny it.
	http_access deny all

	#Defining all the various ports on which the squid instance will listen to connections on.
	http_port 3129
	http_port 3130
	http_port 3131
	http_port 3132
	http_port 3133

	# Make this proxy anonymous, it will make all services think
	# it is the originating IP of the requests
	forwarded_for off
	request_header_access Allow allow all
	request_header_access Authorization allow all
	request_header_access WWW-Authenticate allow all
	request_header_access Proxy-Authorization allow all
	request_header_access Proxy-Authenticate allow all
	request_header_access Cache-Control allow all
	request_header_access Content-Encoding allow all
	request_header_access Content-Length allow all
	request_header_access Content-Type allow all
	request_header_access Date allow all
	request_header_access Expires allow all
	request_header_access Host allow all
	request_header_access If-Modified-Since allow all
	request_header_access Last-Modified allow all
	request_header_access Location allow all
	request_header_access Pragma allow all
	request_header_access Accept allow all
	request_header_access Accept-Charset allow all
	request_header_access Accept-Encoding allow all
	request_header_access Accept-Language allow all
	request_header_access Content-Language allow all
	request_header_access Mime-Version allow all
	request_header_access Retry-After allow all
	request_header_access Title allow all
	request_header_access Connection allow all
	request_header_access Proxy-Connection allow all
	request_header_access User-Agent allow all
	request_header_access Cookie allow all
	request_header_access All deny all