[squid-users] Manager access for statistics

James Moe jimoe at sohnen-moe.com
Sun Oct 29 07:02:16 UTC 2017 

Hello,
  opensuse v42.2
  linux v4.4.87-18.29-default x86_64
  squid v3.5.21

  On occasion I look at the squid statistics; it has been a while since
I last checked them, at least a month. The request was denied as not
having access privileges. I do not see why it is now being denied.
  My understanding is that the ACL names "manager" and "manager_admin"
would be allowed since they are first in the list (see below).
  What have I misunderstood?

http://proxy1.sma.com:3128/squid-internal-mgr/info

acl manager url_regex -i ^cache_object:// /squid-internal-mgr/
acl manager_admin src 192.168.69.115
#
acl localnet src 192.168.69.0/24
acl localnet src fc00::/7
acl localnet src fe80::/10
#
acl SSL_ports port 443
acl SSL_ports port 631
#
# Jumpline cPanel ports
acl SSL_ports port 2083
acl SSL_ports port 2096
#
acl SSL_ports port 5000		# NAS
acl SSL_ports port 9100
acl SSL_ports port 10000	# Webmin
#
acl Safe_ports port 563		# nntp
acl Safe_ports port 631		# cups
acl Safe_ports port 9100	# ?network printer?
#
# From the default conf:
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
#
acl CONNECT method CONNECT
#
http_access allow manager_admin manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all

# Squid normally listens to port 3128
http_port 3128

access_log /var/log/squid/access.log


-- 
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20171029/aba119c7/attachment.sig>

More information about the squid-users mailing list