Search squid archive

Re: squid 3.3.8 failed to start because of hard-coded acl with ::1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hey Craig,

I want to verify the issue.
Do these FreeBSD machines operate only on the ipv4 level?
They will operate on the IPV4 level for a lot of time?
On what level will they not support IPV6? on the level of kernel or also libs?
Before I run to test it.
What are the machine specs?

The line you have mentioned:
http://bazaar.launchpad.net/~squid/squid/3-trunk/view/head:/src/cf.data.pre#L847

Assumes that the machine is ipv6 enabled by default.
There is a possibility to compile squid with "disable-ipv6" flag or a similar name which can help in the basic level. I won't ask from you to patch squid but it should be changed only when ipv4 only system is required.

Thanks,
Eliezer

On 31/12/13 15:23, Craig R. Skinner wrote:
#-=-=-=-=-= FYI -=-=-=-=-=-

This is probably a bug, but I can't create a bugzilla account as there
is no DNS PTR record for east.squid-cache.org, which I've raised with
postmaster@, hostmaster@ & root@xxxxxxxxxxxxxxxxxx

#-=-=-=-=-= FYI -=-=-=-=-=-


When using only IPv4, Squid 3.3.8 fails to start, citing bungled config.

FreeBSD uses a patch, see below.



$ uname -srp
OpenBSD 5.4 i386

$ pkg_info -I squid
squid-3.3.8         WWW and FTP proxy cache and accelerator

$ fgrep family /etc/resolv.conf
family inet4

$ grep ^acl /etc/squid/squid.conf
acl localnet src 192.168.169.0/24       # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

$ /usr/local/sbin/squid -k parse
2013/12/31 11:28:35| Startup: Initializing Authentication Schemes ...
2013/12/31 11:28:35| Startup: Initialized Authentication Scheme 'basic'
2013/12/31 11:28:35| Startup: Initialized Authentication Scheme 'digest'
2013/12/31 11:28:35| Startup: Initialized Authentication Scheme 'negotiate'
2013/12/31 11:28:35| Startup: Initialized Authentication Scheme 'ntlm'
2013/12/31 11:28:35| Startup: Initialized Authentication.
2013/12/31 11:28:35| aclIpParseIpData: Bad host/IP: '::1' in '::1', flags=0 : (-5) no address associated with name
FATAL: Bungled Default Configuration line 11: acl localhost src 127.0.0.1/32 ::1
Squid Cache (Version 3.3.8): Terminated abnormally.
CPU Usage: 0.094 seconds = 0.055 user + 0.039 sys
Maximum Resident Size: 5836 KB
Page faults with physical i/o: 0


$ fgrep family /etc/resolv.conf
#family inet4


$ /usr/local/sbin/squid -k parse
2013/12/31 12:11:05| Startup: Initializing Authentication Schemes ...
2013/12/31 12:11:05| Startup: Initialized Authentication Scheme 'basic'
2013/12/31 12:11:05| Startup: Initialized Authentication Scheme 'digest'
2013/12/31 12:11:05| Startup: Initialized Authentication Scheme 'negotiate'
2013/12/31 12:11:05| Startup: Initialized Authentication Scheme 'ntlm'
2013/12/31 12:11:05| Startup: Initialized Authentication.
2013/12/31 12:11:05| Processing Configuration File:
/etc/squid/squid.conf (depth 0)
2013/12/31 12:11:05| Processing: acl localnet src 192.168.169.0/24 # RFC1918 possible internal network
...
...
..
.
[OK]


Bugged by FreeBSD ports team:
http://www.freebsd.org/cgi/query-pr.cgi?pr=176951
Their patch on same page:
http://www.freebsd.org/cgi/query-pr.cgi?pr=176951&getpatch=1


Maybe about line 846/7 of src/cf.data.pre (revision 13199)
http://bazaar.launchpad.net/~squid/squid/3-trunk/view/head:/src/cf.data.pre


Cheers,






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux