Easy to configure deny all except proxy?

I’m trying to setup a proxy in a very small enterprise setting (< 10 employees)

I’m looking for something that allows me to:

  • refuse requests by default …
  • … unless in the exception list (eg only allow some domains)
  • logs all url, who asked for it, and whether it was accepted or denied (I don’t need content)
  • Is based on client/server and not “same machine”, yet is fairly easy to setup (which is where I’m having issues, I find stuff that do everything but seem overly complex to configure, or simple stuff that are made to use on the computer doing the requests)

I don’t need cache
I don’t need path filtering (simple ip/domain will do)
I don’t need authentification (every user will have the same permissions, log by source ip is enough)

What would you recommend for that ?