From 9dd9bc28b59803eb5040dcf8efe699506a9b9014 Mon Sep 17 00:00:00 2001
From: sazb <36622045+sazb@users.noreply.github.com>
Date: Wed, 15 Jul 2020 20:28:59 +0300
Subject: [PATCH] Update squid.conf (#4137)

---
 src/opnsense/service/templates/OPNsense/Proxy/squid.conf | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
index 20859bf1b..c706d53ae 100644
--- a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
+++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
@@ -143,6 +143,15 @@ acl localnet src {{intf_item.subnet}}/{{intf_item.subnet_bits}} # Possible inter
 acl localnet src fc00::/7       # RFC 4193 local private network range
 acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
 
+# ACL - Allow localhost for PURGE cache if enabled
+{% if helpers.exists('OPNsense.proxy.general.cache.local') %}
+{%  if OPNsense.proxy.general.cache.local.enabled == '1' %}
+acl PURGE method PURGE
+http_access allow localhost PURGE
+http_access deny PURGE
+{%  endif %}
+{% endif %}
+
 # ACL lists
 {% if helpers.exists('OPNsense.proxy.forward.acl.allowedSubnets') %}