[squid-users] squidclient -h 127.0.0.1 -p 3128 mgr:info shows access denined

Jonathan Lee jonathanlee571 at gmail.com
Thu Jul 18 05:05:52 UTC 2024 

without password enabled 

Shell Output - curl http://127.0.0.1:3128/squid-internal-mgr/info
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100  3714  100  3714    0     0  12258      0 --:--:-- --:--:-- --:--:-- 12298
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2023 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!--
 /*
 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
… more 

> On Jul 17, 2024, at 21:55, Jonathan Lee <jonathanlee571 at gmail.com> wrote:
> 
> Do I use 
> 
> curl http://localhost:3128/squid-internal-mgr/info 
> 
> Where would I place the password?
> 
>> On Jul 17, 2024, at 21:08, Jonathan Lee <jonathanlee571 at gmail.com> wrote:
>> 
>> 2024/07/17 21:07:37| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
>> 2024/07/17 21:07:37| Processing: http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB cert=/usr/local/etc/squid/serverkey.pem cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS tls-dh=prime256v1:/etc/dh-parameters.2048 options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
>> 2024/07/17 21:07:37| WARNING: UPGRADE: 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in http_port. Use 'tls-cafile=' instead.
>> 2024/07/17 21:07:37| WARNING: Failed to decode EC parameters '/etc/dh-parameters.2048'
>>     OpenSSL-saved error #1: 0x1e08010c
>> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_DH_USE
>> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_ECDH_USE
>> 2024/07/17 21:07:37| Processing: http_port 3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB cert=/usr/local/etc/squid/serverkey.pem cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS tls-dh=prime256v1:/etc/dh-parameters.2048 options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
>> 2024/07/17 21:07:37| Starting Authentication on port [::]:3128
>> 2024/07/17 21:07:37| Disabling Authentication on port [::]:3128 (interception enabled)
>> 2024/07/17 21:07:37| WARNING: UPGRADE: 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in http_port. Use 'tls-cafile=' instead.
>> 2024/07/17 21:07:37| WARNING: Failed to decode EC parameters '/etc/dh-parameters.2048'
>>     OpenSSL-saved error #1: 0x1e08010c
>> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_DH_USE
>> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_ECDH_USE
>> 2024/07/17 21:07:37| Processing: https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB cert=/usr/local/etc/squid/serverkey.pem cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS tls-dh=prime256v1:/etc/dh-parameters.2048 options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
>> 2024/07/17 21:07:37| Starting Authentication on port [::]:3129
>> 2024/07/17 21:07:37| Disabling Authentication on port [::]:3129 (interception enabled)
>> 2024/07/17 21:07:37| WARNING: UPGRADE: 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in https_port. Use 'tls-cafile=' instead.
>> 2024/07/17 21:07:37| WARNING: Failed to decode EC parameters '/etc/dh-parameters.2048'
>>     OpenSSL-saved error #1: 0x1e08010c
>> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_DH_USE
>> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_ECDH_USE
>> 
>> I removed the : and it processed 
>> 
>> 
>>> On Jul 12, 2024, at 09:52, Amos Jeffries <squid3 at treenet.co.nz> wrote:
>>> 
>>> On 13/07/24 04:16, Jonathan Lee wrote:
>>>> tested with removal of IP and port failed If I leave port I get this
>>>> 2024/07/12 09:15:17| Processing: http_port :3128 intercept
>>> 
>>> No  ":" before thr port number.
>>> 
>>> 
>>> Amos
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> https://lists.squid-cache.org/listinfo/squid-users
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20240717/b0066108/attachment.htm>

More information about the squid-users mailing list