1 files changed, 16 insertions, 1 deletions

diff --git a/data/templates/squid/squid.conf.j2 b/data/templates/squid/squid.conf.j2
index a0fdeb20e..b953c8b18 100644
--- a/data/templates/squid/squid.conf.j2
+++ b/data/templates/squid/squid.conf.j2
@@ -2,6 +2,11 @@
 
 acl net src all
 acl SSL_ports port 443
+{% if ssl_safe_ports is vyos_defined %}
+{%     for port in ssl_safe_ports %}
+acl SSL_ports port {{ port }}
+{%     endfor %}
+{% endif %}
 acl Safe_ports port 80          # http
 acl Safe_ports port 21          # ftp
 acl Safe_ports port 443         # https
@@ -13,8 +18,18 @@ acl Safe_ports port 280         # http-mgmt
 acl Safe_ports port 488         # gss-http
 acl Safe_ports port 591         # filemaker
 acl Safe_ports port 777         # multiling http
+{% if safe_ports is vyos_defined %}
+{%     for port in safe_ports %}
+acl Safe_ports port {{ port }}
+{%     endfor %}
+{% endif %}
 acl CONNECT method CONNECT
-
+{% if domain_block is vyos_defined %}
+{%     for domain in domain_block %}
+acl BLOCKDOMAIN dstdomain {{ domain }}
+{%     endfor %}
+http_access deny BLOCKDOMAIN
+{% endif %}
 {% if authentication is vyos_defined %}
 {%     if authentication.children is vyos_defined %}
 auth_param basic children {{ authentication.children }}