[squid-users] Cannot get Squid to start with external ACL in config
deennyycsgo
deennyycsgo at protonmail.com
Tue Apr 25 17:49:30 UTC 2023
Hello, I'm having an issue configuring an external ACL, the error i get is:
Can't use proxy auth because no authentication schemes are fully configured.
FATAL: ERROR: Invalid ACL: acl ext_acl external acl_name
Here is my config: acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT external_acl_type acl_name %SRC %LOGIN %DST /etc/squid/ext_acl.py acl ext_acl external acl_name http_access allow ext_acl http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager http_access allow localhost http_access deny all http_port 3128 coredump_dir /var/spool/squid3 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320
And here is the python script:
#!/usr/bin/python3
import sys
import logging
import time
def grant ():
sys.stdout.write('OK\n')
sys.stdout.flush()
def deny ():
sys.stdout.write('ERR\n')
sys.stdout.flush()
while True:
line = sys.stdin.readline().strip()
if line:
deny()
else:
time.sleep( 1 )
The python script has 777 permissions and is owned by the proxy user.
Running it through the terminal results in expected output and expected behaviour.
I'm running Squid version 4.10 on Ubuntu Server 20.04 Thanks in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20230425/9d2e22e9/attachment-0001.htm>
More information about the squid-users
mailing list