On 03/21/2018 11:45 AM, paul@xxxxxxxxxxxxxxxxx wrote: > Hello, > > I am running squid 3.5.23 on Debian 9. My goal was to try to set up a > simple proxy server for whitelisting. > > It's working now, but I had some difficulty. In the release notes I came > across this example: > > http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.23-RELEASENOTES.html#s3 > > It shows specifying a whitelist like so: > > acl whitelist dstdomain parameters("/etc/squid/whitelist.txt") > > So I tried this, and spent quite some time trying to figure out why it > didn't work. I got no errors, but this rule seemed to cause rejection of > all destination domains. > > I finally realized there appeared to be something wrong with the > "parameters" handling of the external file, and turned it into: > > acl WHITELIST dstdomain "/etc/squid/whitelist.txt" > > With that one change it worked properly. > > Is this a known bug? IIRC, to use parameters(), you need to turn configuration_includes_quoted_values on: http://www.squid-cache.org/Doc/config/configuration_includes_quoted_values/ Unfortunately, it is extremely difficult to upgrade squid.conf syntax from the current ad hoc mess to something that can be easily validated, extended, and improved. That directive was an attempt to solve one of the major existing syntax problems (handling of spaces in directive parameters), but we could not enable it by default because it could cause difficult-to-detect problems in existing configurations. There were also some regex-related problems IIRC. AFAIK, nobody is working on improving this further. Rejecting or warning about "parameters(" when configuration_includes_quoted_values is off would be one of those improvements. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
