[squid-users] Squid 6.6 shows configuration failure: requires TPROXY feature to be enabled by ./configure

Wed, 17 Jul 2024 21:26:17 -0700 

How do we enable tproxy in Squid 6.6 in 5.8 we could just adapt the Squid.conf 
and it would enable tproxy 


2024/07/17 21:22:41| Processing Configuration File: 
/usr/local/etc/squid/squid.conf (depth 0)
2024/07/17 21:22:41| Processing: http_port 192.168.1.1:3128 ssl-bump 
generate-host-certificates=on dynamic_cert_mem_cache_size=20MB 
cert=/usr/local/etc/squid/serverkey.pem 
cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ 
cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
 tls-dh=prime256v1:/etc/dh-parameters.2048 
options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
2024/07/17 21:22:41| WARNING: UPGRADE: 
'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in http_port. Use 
'tls-cafile=' instead.
2024/07/17 21:22:41| WARNING: Failed to decode EC parameters 
'/etc/dh-parameters.2048'
    OpenSSL-saved error #1: 0x1e08010c
2024/07/17 21:22:41| ERROR: Unsupported TLS option SINGLE_DH_USE
2024/07/17 21:22:41| ERROR: Unsupported TLS option SINGLE_ECDH_USE
2024/07/17 21:22:41| Processing: http_port 127.0.0.1:3128 tproxy ssl-bump 
generate-host-certificates=on dynamic_cert_mem_cache_size=20MB 
cert=/usr/local/etc/squid/serverkey.pem 
cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ 
cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
 tls-dh=prime256v1:/etc/dh-parameters.2048 
options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE

This error never occurred for 5.8
**---->2024/07/17 21:22:41| ERROR: configuration failure: requires TPROXY 
feature to be enabled by ./configure**


    exception location: Intercept.cc(163) StartTransparency
2024/07/17 21:22:41| Not currently OK to rewrite swap log.
2024/07/17 21:22:41| storeDirWriteCleanLogs: Operation aborted.
2024/07/17 21:22:41| FATAL: Bungled /usr/local/etc/squid/squid.conf line 6: 
http_port 127.0.0.1:3128 tproxy ssl-bump generate-host-certificates=on 
dynamic_cert_mem_cache_size=20MB cert=/usr/local/etc/squid/serverkey.pem 
cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ 
cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
 tls-dh=prime256v1:/etc/dh-parameters.2048 
options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
2024/07/17 21:22:41| Squid Cache (Version 6.6): Terminated abnormally.
CPU Usage: 0.073 seconds = 0.049 user + 0.024 sys
Maximum Resident Size: 62512 KB
Page faults with physical i/o: 0

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users

Reply via email to