@stbenjam
Last active August 2, 2018 17:25
Running a squid docker container with a whitelist
  1. Create a `squid.conf` file. For example, here's one that whitelists only the Satellite 6.3 hosts:

```
acl CONNECT method CONNECT
# Only port 443 is treated as a TLS port
acl ssl_ports port 443

# Destinations clients may reach; a leading dot also matches all subdomains
acl whitelist dstdomain subscription.rhsm.redhat.com
acl whitelist dstdomain cdn.redhat.com
acl whitelist dstdomain .akamaiedge.net
acl whitelist dstdomain cert-api.access.redhat.com
acl whitelist dstdomain api.access.redhat.com

# Rules are checked top to bottom; the first matching line decides
http_access deny !ssl_ports
http_access deny CONNECT !ssl_ports
http_access allow localhost
http_access allow whitelist
http_access deny all
http_port 3128
coredump_dir /var/spool/squid

refresh_pattern -i (/cgi-bin/|\?)            0   0%   0
refresh_pattern (Release|Packages(.gz)*)$    0  20%   2880
refresh_pattern .                            0  20%   4320
```
  2. Start up the docker container pointing at your squid.conf:

```
docker run -it --rm \
  --publish 3128:3128 \
  --volume /tmp/squid.conf:/etc/squid/squid.conf \
  sameersbn/squid:latest
```
  3. Your proxy will be running on your docker host at port 3128.
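
To check what the whitelist from the first step actually permits before putting the proxy in front of clients, the following added example (not part of the original gist, and not Squid's own code) models how the ACL lines are evaluated: `http_access` lines are checked top to bottom and the first line whose ACLs all match decides. The function names and the client address `10.0.0.5` are assumptions made for the example, and only the ACL types used in this config are modelled.

```python
# Added example: simplified model of Squid's ACL evaluation, not Squid's own code.
SQUID_CONF = """\
acl CONNECT method CONNECT
acl ssl_ports port 443
acl whitelist dstdomain subscription.rhsm.redhat.com
acl whitelist dstdomain cdn.redhat.com
acl whitelist dstdomain .akamaiedge.net
acl whitelist dstdomain cert-api.access.redhat.com
acl whitelist dstdomain api.access.redhat.com
http_access deny !ssl_ports
http_access deny CONNECT !ssl_ports
http_access allow localhost
http_access allow whitelist
http_access deny all
"""

def parse(conf):
    """Return (acls, rules): acls maps name -> (type, values); rules keep file order."""
    acls, rules = {}, []
    for line in conf.splitlines():
        tok = line.split("#")[0].split()
        if tok[:1] == ["acl"] and len(tok) >= 4:
            acls.setdefault(tok[1], (tok[2], []))[1].extend(tok[3:])  # same name: values OR together
        elif tok[:1] == ["http_access"] and len(tok) >= 3:
            rules.append((tok[1], tok[2:]))
    return acls, rules

def acl_matches(name, acls, req):
    if name == "all":
        return True
    if name == "localhost":  # predefined ACL: loopback sources only
        return req["src"] in ("127.0.0.1", "::1")
    kind, values = acls[name]
    if kind == "port":
        return str(req["port"]) in values
    if kind == "method":
        return req["method"] in values
    if kind == "dstdomain":  # ".x" matches x and its subdomains; "x" matches x only
        host = req["host"].lower().rstrip(".")
        return any(host == v.lstrip(".") or (v[0] == "." and host.endswith(v)) for v in values)
    raise ValueError(f"ACL type not modelled: {kind}")

def decide(host, port=443, method="CONNECT", src="10.0.0.5", conf=SQUID_CONF):  # src: constructed client IP
    acls, rules = parse(conf)
    req = {"host": host, "port": port, "method": method, "src": src}
    for action, names in rules:  # first line whose ACLs all match wins
        if all(acl_matches(n.lstrip("!"), acls, req) != n.startswith("!") for n in names):
            return action
    return "allow" if rules and rules[-1][0] == "deny" else "deny"  # Squid: opposite of last line
```

Two results worth noting when reviewing this config: `decide("cdn.redhat.com", port=80, method="GET")` returns `deny` because everything off port 443 is refused first, and `decide("example.com", src="127.0.0.1")` returns `allow` because `http_access allow localhost` is evaluated before the whitelist.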