0

In older versions of versions of squid, you had to define an acl 'all'.

acl all src 0.0.0.0/0.0.0.0

You use this for http_access allow all http_access deny all etc.

In Squid 3.0 and above, the 'all' ACL is built-in, you cannot (& need not) define it.

However, the webmin squid module doesn't seem to know this - when you try to add a rule using all, it doesn't show 'all' in it's list of ACLs.

How does one get around this?

I am using webmin 1.530 on Debian Lenny. Squid Version is 3.0.STABLE19-1~bpo50+1

Genboy
  • 69
  • 1
  • 9
  • This question appears to be off-topic because it is about [`working with a service provider's management interface, such as cPanel`](http://serverfault.com/help/on-topic). – HopelessN00b Jan 14 '15 at 02:16

2 Answers2

0

webmin does not have a module for Squid3 yet. You are probably using a module for Squid2. Beside the fact that all is now built-in there are a lot of new directives he does not understand. IMHO you will be better off editing squid.conf by hand or using Squid2.

Edit:

I just checked with Squid3 documentation. They have a 'Recommended minimum acl configuration'. And the first line is acl all src 0.0.0.0/0.0.0.0. So yes, you definitely can add that line. It's no error.

Art Shayderov
  • 246
  • 2
  • 8
  • In squid3, can I add an acl ` acl all src 0.0.0.0/0.0.0.0` and ignore the warning? – Genboy Feb 28 '11 at 11:04
  • I think the documentation is not updated. When I add the directive, I get the following warning when restarting Squid 2011/03/01 13:13:33| WARNING: '0.0.0.0/0.0.0.0' is a subnetwork of '0.0.0.0/0.0.0.0' 2011/03/01 13:13:33| WARNING: because of this '0.0.0.0/0.0.0.0' is ignored to keep splay tree searching predictable 2011/03/01 13:13:33| WARNING: You should probably remove '0.0.0.0/0.0.0.0' from the ACL named 'all' 2011/03/01 13:13:33| squid.conf line 2575: http_access allow 2011/03/01 13:13:33| aclParseAccessLine: Access line contains no ACL's, skipping – Genboy Mar 01 '11 at 07:44
  • I was able to reproduce. For me first 2 lines are: 2011/03/01 21:13:46| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'. 2011/03/01 21:13:46| SECURITY NOTICE: Overriding config setting. Using 'all' instead. I don't think this warning will affect anything though. What about: http_access allow 2011/03/01 13:13:33| aclParseAccessLine: Access line contains no ACL's, skipping - did you forget to add 'all'? – Art Shayderov Mar 01 '11 at 18:17
  • Yes, forgot to add 'all'. The http_access warning was my mistake. – Genboy Mar 02 '11 at 12:15
0

I can't figure out exactly what you're saying Webmin is doing wrong here, but if it's a bug in Webmin you should file a bug in the bug tracker, rather than asking random people at Server Fault how to work around it. Webmin is very actively developed...there's never any reason to work around bugs or incompatibilities in Webmin: Tell someone who can fix it, and it will get fixed fast.

You can use the bug tracker at Virtualmin.com or the SourceForge.net one (but the Virtualmin.com tracker is faster, works better, and will get Jamie's attention faster, so I recommend it).

swelljoe
  • 1,415
  • 8
  • 12
  • It's not a bug in Webmin. The Squid Module for Webmin hasn't updated for squid3. I am asking for a workaround to get it to work with squid3. Any squid version of the last 2 years will have this issue with the webmin squid module. So may be Webmin is actively developed, but may the squid module isn't. I doubt if there is any one using it with the current versions of squid who hasn't hit this problem - it's pretty basic. – Genboy Mar 02 '11 at 12:15
  • Actually, Webmin's Squid module *was* updated for Squid 3.0, but I'm guessing this was a change that came between the betas used for the original support in Webmin and the current stable versions. File a ticket, and it will get fixed. It's really not hard to file a ticket; and you'll then end up with a Webmin that supports the software you're using. If no one reports a problem, regardless of how many people hit it, it doesn't get fixed. – swelljoe Mar 02 '11 at 23:55
  • I have opened a webmin bug here - https://sourceforge.net/tracker/?func=detail&aid=3198123&group_id=17457&atid=117457 Thank you for your help. – Genboy Mar 03 '11 at 04:58