Squid problem with "Allow users on interface" check box
-
version 1.01
squid version 2.5.14_2-p7
This code (or something related) in squid.inc is not working right for the "Allow users on interface" check box:// Allow the remaining ACLs if no authentication is set
if ($auth_method == 'none') {
$allowed = array('localnet', 'allowed_subnets');
$allowed = array_filter($allowed, 'squid_is_valid_acl');
foreach ($allowed as $acl)
$conf .= "http_access allow $acl\n";allowed_subnets works just fine…...
Checked or uncheck, you always get the "http_access allow localnet" in the squid.conf
The "acl localnet src 10.177.0.0/255.255.0.0" is added and deleted properly with the check box.
If you have an http_access rule with no acl, squid gets cranky.
Why not just leave the box checked? Because I want to control access
with the whitelist and CIDR ranges with allowed (local) subnets.Update: I just figured out, if you uncheck the box and click the save button twice,
"http_access allow localnet" is removed from squid.conf.This is still a problem because most users will uncheck the box and only click save once, and that breaks squid.