[squid-users] External ACL

avi_h harariboy at gmail.com
Tue May 23 01:25:28 UTC 2017


I'm currently using the DB authentication (squid_db_auth).
This works flawlessly, however I have a need to enable authentication by a
list of IPs.
I tried using a simple ACL, but it's not dynamic so that doesn't answer my
So I'm trying to create an external ACL.
For some reason the external ACL isn't working.
In order to check this, I commented out all the configs of squid_db_auth.
Please see the configurations below:

external_acl_type ip_checker children-max=20 %SRC
acl allowed_ips external ip_checker

http_access allow allowed_ips

cat /usr/lib64/squid/ip_checker.sh


while read ip
  if ! grep -w "$ip" /etc/squid/allowed_ips.txt ; then
    echo "ERR"
  else echo "OK"

cat /etc/squid/allowed_ips.txt

The error message I'm getting:

2017/05/23 01:33:09.160 kid1| 82,2| external_acl.cc(786) aclMatchExternal:
ip_checker("") = lookup needed
2017/05/23 01:33:09.160 kid1| WARNING: external ACL 'ip_checker' queue
overload. Request rejected ''.

Thanks in advance,

View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/External-ACL-tp4682519.html
Sent from the Squid - Users mailing list archive at Nabble.com.

More information about the squid-users mailing list