I show you some parts of my squid.conf (hoping it can help)
# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# ftp_user Squid@
# ftp_user anonymous
# ftp_user test@
ftp_list_width 64
ftp_passive off
ftp_sanitycheck off
...
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl FTP proto FTP
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
....
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow localhost
acl our_network1 src 192.168.0.1/255.255.255.0
acl Siti dstdom_regex "/etc/Siti_consentiti.txt"
acl ServerEffeTiPi dstdom_regex "/etc/ServerFTP_consentiti.txt"
http_access allow our_network1 Siti
http_access allow FTP our_network1
acl ftpaccess src 192.168.9.12 192.168.0.54
acl our_network2 src 192.168.9.12
http_access allow FTP ftpaccess
http_access deny FTP
http_access allow our_network2 Siti
# And finally deny all other access to this proxy
http_access deny all
I'm waiting for your suggestions...