cachemgr_passwd disable offline_toggle reconfigure shutdown cachemgr_passwd PASSWORDREDCATED all eui_lookup on acl no_miss url_regex -i gateway\.facebook\.com\/ws\/realtime\? acl no_miss url_regex -i web-chat-e2ee\.facebook\.com\/ws\/chat acl CONNECT method CONNECT acl wuCONNECT dstdomain www.update.microsoft.com acl wuCONNECT dstdomain sls.microsoft.com http_access allow CONNECT wuCONNECT localnet http_access allow CONNECT wuCONNECT localhost http_access allow windowsupdate localnet http_access allow windowsupdate localhost http_access allow HttpAccess localnet http_access allow HttpAccess localhost http_access deny manager http_access deny to_ipv6 http_access deny from_ipv6
acl BrokenButTrustedServers dstdomain "/usr/local/pkg/dstdom.broken" acl DomainMismatch ssl_error SQUID_X509_V_ERR_DOMAIN_MISMATCH sslproxy_cert_error allow BrokenButTrustedServers DomainMismatch sslproxy_cert_error deny all acl splice_only src 192.168.1.8 #Tasha iPhone acl splice_only src 192.168.1.10 #Jon iPhone acl splice_only src 192.168.1.11 #Amazon Fire acl splice_only src 192.168.1.15 #Tasha HP acl splice_only src 192.168.1.16 #iPad acl splice_only_mac arp MACADDRESSREDACTED acl splice_only_mac arp MACADDRESSREDACTED acl splice_only_mac arp MACADDRESSREDACTED acl splice_only_mac arp MACADDRESSREDACTED acl splice_only_mac arp MACADDRESSREDACTED acl NoSSLIntercept ssl::server_name_regex -i "/usr/local/pkg/reg.url.nobump" acl NoBumpDNS dstdomain "/usr/local/pkg/dns.nobump" acl markBumped annotate_client bumped=true acl active_use annotate_client active=true acl bump_only src 192.168.1.3 #webtv acl bump_only src 192.168.1.4 #toshiba acl bump_only src 192.168.1.5 #imac acl bump_only src 192.168.1.9 #macbook acl bump_only src 192.168.1.13 #dell acl bump_only_mac arp MACADDRESSREDACTED acl bump_only_mac arp MACADDRESSREDACTED acl bump_only_mac arp MACADDRESSREDACTED acl bump_only_mac arp MACADDRESSREDACTED acl bump_only_mac arp MACADDRESSREDACTED sslproxy_cert_sign signTrusted bump_only_mac ssl_bump peek step1 miss_access deny no_miss active_use ssl_bump splice https_login active_use ssl_bump splice splice_only_mac splice_only active_use ssl_bump splice NoBumpDNS active_use ssl_bump splice NoSSLIntercept active_use ssl_bump bump bump_only_mac bump_only active_use acl activated note active_use true ssl_bump terminate !activated shutdown_lifetime 1 seconds negative_dns_ttl 5 minutes Does the MAC address and bump have anything to do with it? This worked in the older versions without having to input a MAC for the loopback > On Jul 11, 2024, at 11:08, Jonathan Lee <jonathanlee...@gmail.com> wrote: > > I use http access acl set as followed > > acl getmethod method GET > acl to_ipv6 dst ipv6 > acl from_ipv6 src ipv6 > acl HttpAccess dstdomain "/usr/local/pkg/http.access” > > > /usr/local/pkg/http.access > contains: > office.com > data.microsoft.com > windowsupdate.com > dc1-st.ksn.kaspersky-labs.com > dc1-file.ksn.kaspersky-labs.com > dc1.ksn.kaspersky-labs.com > gsa.apple.com > apps.apple.com > certs.apple.com > crl.apple.com > entrust.net > digicert.com > ocsp.apple.com > ocsp2.apple.com > valid.apple.com > push.apple.com > itunes.apple.com > appldnld.apple.com > gg.apple.com > gs.apple.com > mesu.apple.com > oscdn.apple.com > osrecovery.apple.com > swcdn.apple.com > swdownload.apple.com > updates-http.cdn-apple.com > appldnld.apple.com.edgesuite.net > suconfig.apple.com > audiocontentdownload.apple.com > devimages-cdn.apple.com > download.developer.apple.com > sylvan.apple.com > static.ips.apple.com > > > http_access allow CONNECT wuCONNECT localnet > http_access allow CONNECT wuCONNECT localhost > http_access allow windowsupdate localnet > http_access allow windowsupdate localhost > http_access allow HttpAccess localnet > http_access allow HttpAccess localhost > http_access deny manager > http_access deny to_ipv6 > http_access deny from_ipv6 > >> On Jul 11, 2024, at 11:02, Jonathan Lee <jonathanlee...@gmail.com> wrote: >> >> also >> >> Shell Output - squidclient -h 127.0.0.1 -v -U admin -W redacted mgr:info >> Request: >> GET http://127.0.0.1:3128/squid-internal-mgr/info HTTP/1.0 >> Host: 127.0.0.1:3128 >> User-Agent: squidclient/6.6 >> Accept: */* >> Authorization: Basic YWRtaW46R09Qc3lzdGVtYWRtaW4xIQ== >> Connection: close >> >> >> . >> HTTP/1.1 403 Forbidden >> Server: squid >> Mime-Version: 1.0 >> Date: Thu, 11 Jul 2024 18:01:46 GMT >> Content-Type: text/html;charset=utf-8 >> Content-Length: 3788 >> X-Squid-Error: ERR_ACCESS_DENIED 0 >> Vary: Accept-Language >> Content-Language: en >> Cache-Status: Lee_Family.home.arpa >> Cache-Status: Lee_Family.home.arpa;detail=no-cache >> Connection: close >> >>> On Jul 11, 2024, at 10:57, Jonathan Lee <jonathanlee...@gmail.com> wrote: >>> >>> Shell Output - squidclient -v -U admin -W REDACTED mgr:info >>> Request: >>> GET http://localhost:3128/squid-internal-mgr/info HTTP/1.0 >>> Host: localhost:3128 >>> User-Agent: squidclient/6.6 >>> Accept: */* >>> Authorization: Basic YWRtaW46R09Qc3lzdGVtYWRtaW4xIQ== >>> Connection: close >>> >>> >>> . >>> HTTP/1.1 403 Forbidden >>> Server: squid >>> Mime-Version: 1.0 >>> Date: Thu, 11 Jul 2024 17:55:05 GMT >>> Content-Type: text/html;charset=utf-8 >>> Content-Length: 3788 >>> X-Squid-Error: ERR_ACCESS_DENIED 0 >>> Vary: Accept-Language >>> Content-Language: en >>> Cache-Status: Lee_Family.home.arpa >>> Cache-Status: Lee_Family.home.arpa;detail=no-cache >>> Connection: close >>> >>> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" >>> "http://www.w3.org/TR/html4/strict.dtd";> >>> <html><head> >>> <meta type="copyright" content="Copyright (C) 1996-2023 The Squid Software >>> Foundation and contributors"> >>> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> >>> <title>ERROR: The requested URL could not be retrieved</title> >>> <style type="text/css"><!-- >>> /* >>> * Copyright (C) 1996-2023 The Squid Software Foundation and contributor >>> >>> Shell Output - squidclient -v -U admin -W REDACTED /squid-internal-mgr/info >>> Request: >>> GET /squid-internal-mgr/info HTTP/1.0 >>> User-Agent: squidclient/6.6 >>> Accept: */* >>> Authorization: Basic YWRtaW46R09Qc3lzdGVtYWRtaW4xIQ== >>> Connection: close >>> >>> >>> . >>> HTTP/1.1 403 Forbidden >>> Server: squid >>> Mime-Version: 1.0 >>> Date: Thu, 11 Jul 2024 17:56:48 GMT >>> Content-Type: text/html;charset=utf-8 >>> Content-Length: 3788 >>> X-Squid-Error: ERR_ACCESS_DENIED 0 >>> Vary: Accept-Language >>> Content-Language: en >>> Cache-Status: Lee_Family.home.arpa >>> Cache-Status: Lee_Family.home.arpa;detail=no-cache >>> Connection: close >>> >>> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" >>> "http://www.w3.org/TR/html4/strict.dtd";> >>> <html><head> >>> <meta type="copyright" content="Copyright (C) 1996-2023 The Squid Software >>> Foundation and contributors"> >>> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> >>> <title>ERROR: The requested URL could not be retrieved</title> >>> <style type="text/css"><!-- >>> /* >>> * Copyright (C) 1996-2023 The Squid Software Foundation and contributors >>> Tested both and they also failed >>> >>>> On Jul 11, 2024, at 10:27, Jonathan Lee <jonathanlee...@gmail.com> wrote: >>>> >>>> Thanks what about the password is it set with@ or -p where would I place >>>> that? >>>> Sent from my iPhone >>>> >>>>> On Jul 11, 2024, at 10:17, Amos Jeffries <squ...@treenet.co.nz> wrote: >>>>> >>>>> >>>>>> On 11/07/24 06:08, Alex Rousskov wrote: >>>>>> On 2024-07-10 12:55, Jonathan Lee wrote: >>>>>>>> Embedding a password in a cache manager command requires providing a >>>>>>>> username with -U >>>>>>> squidclient -w /squid-internal-mgr/info -u admin >>>>>>> squidclient -w /squid-internal-mgr/info@redacted -u admin >>>>>>> squidclient -w http://192.168.1.1:3128/squid-internal-mgr/info@redacted >>>>>>> -u admin >>>>>>> squidclient -w http://127.0.0.1:3128/squid-internal-mgr/info@redacted >>>>>>> -u admin >>>>>>> squidclient -w http://127.0.0.1:3128/squid-internal-mgr/info >>>>>>> squidclient http://127.0.0.1:3128/squid-internal-mgr/info >>>>>>> squidclient -h 127.0.0.1:3128/squid-internal-mgr/info >>>>>>> squidclient -h 127.0.0.1 /squid-internal-mgr/info >>>>>>> squidclient -h 127.0.0.1 /squid-internal-mgr/info@redcated >>>>>>> squidclient -w 127.0.0.1 /squid-internal-mgr/info@redacted >>>>>>> squidclient -w 127.0.0.1 /squid-internal-mgr/info@redcated -u admin >>>>>>> squidclient -h 192.168.1.1:3128 /squid-internal-mgr/info@redacted >>>>>>> squidclient -h 192.168.1.1 /squid-internal-mgr/info@redacted >>>>>>> squidclient -h 192.168.1.1 /squid-internal-mgr/info >>>>>>> >>>>>>> with -w -u -h http spaces I can’t get it to show me stats >>>>>>> >>>>>>> Squid 6.6 >>>>>> I do not know whether this mistake is relevant, but squidclient >>>>>> documentation and error message imply that you should be using "-U" >>>>>> (capital letter U) while you are using "-u" (small letter u). >>>>> >>>>> >>>>> It is very relevant. As Matus already mentioned, both -U and -W. >>>>> >>>>> >>>>> squidclient -v -U admin -W cachemgr_password mgr:info >>>>> Request: >>>>> GET http://localhost:3128/squid-internal-mgr/info HTTP/1.0 >>>>> Host: localhost:3128 >>>>> User-Agent: squidclient/6.10 >>>>> Accept: */* >>>>> Authorization: Basic YWRtaW46Y2FjaGVtZ3JfcGFzc3dvcmQ= >>>>> Connection: close >>>>> >>>>> >>>>> squidclient -v -U admin -W cachemgr_password /squid-internal-mgr/info >>>>> Request: >>>>> GET /squid-internal-mgr/info HTTP/1.0 >>>>> Host: localhost:3128 >>>>> User-Agent: squidclient/6.10 >>>>> Accept: */* >>>>> Authorization: Basic YWRtaW46Y2FjaGVtZ3JfcGFzc3dvcmQ= >>>>> Connection: close >>>>> >>>>> >>>>> Cheers >>>>> Amos >>>>> _______________________________________________ >>>>> squid-users mailing list >>>>> squid-users@lists.squid-cache.org >>>>> https://lists.squid-cache.org/listinfo/squid-users >>> >> >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users
