[squid-users] External ACL
avi_h
harariboy at gmail.com
Tue May 23 01:25:28 UTC 2017
Hi,
I'm currently using the DB authentication (squid_db_auth).
This works flawlessly, however I have a need to enable authentication by a
list of IPs.
I tried using a simple ACL, but it's not dynamic so that doesn't answer my
need.
So I'm trying to create an external ACL.
For some reason the external ACL isn't working.
In order to check this, I commented out all the configs of squid_db_auth.
Please see the configurations below:
external_acl_type ip_checker children-max=20 %SRC
/usr/lib64/squid/ip_checker.sh
acl allowed_ips external ip_checker
http_access allow allowed_ips
cat /usr/lib64/squid/ip_checker.sh
#!/bin/bash
while read ip
do
if ! grep -w "$ip" /etc/squid/allowed_ips.txt ; then
echo "ERR"
else echo "OK"
fi
done
cat /etc/squid/allowed_ips.txt
192.168.1.1
The error message I'm getting:
2017/05/23 01:33:09.160 kid1| 82,2| external_acl.cc(786) aclMatchExternal:
ip_checker("192.168.1.1") = lookup needed
2017/05/23 01:33:09.160 kid1| WARNING: external ACL 'ip_checker' queue
overload. Request rejected '192.168.1.1'.
Thanks in advance,
Avi
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/External-ACL-tp4682519.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users
mailing list