Hello, I'm having an issue configuring an external ACL, the error i get is:
I'm running Squid version 4.10 on Ubuntu Server 20.04
Thanks in advance!
Can't use proxy auth because no authentication schemes are fully configured.
FATAL: ERROR: Invalid ACL: acl ext_acl external acl_name
Here is my config:
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
external_acl_type acl_name %SRC %LOGIN %DST /etc/squid/ext_acl.py
acl ext_acl external acl_name
http_access allow ext_acl
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
And here is the python script:
#!/usr/bin/python3
import sys
import logging
import time
def grant ():
sys.stdout.write('OK\n')
sys.stdout.flush()
def deny ():
sys.stdout.write('ERR\n')
sys.stdout.flush()
while True:
line = sys.stdin.readline().strip()
if line:
deny()
else:
time.sleep( 1 )
The python script has 777 permissions and is owned by the proxy user.
Running it through the terminal results in expected output and expected behaviour.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
