Cachemgr.cgi???



  • Hello everybody,

    I cannot for the love of [insert your deity here] make cachemgr.cgi work with squid3 (pfsense 2.1)

    I've followed to the 'T' this (dated) how to: https://forum.pfsense.org/index.php/topic,14609.msg77312.html

    Nothing… when access the Cache Manager page it asks for Manager Name and password... I tried all the combination I could think of... no access...

    my (relevant part) for squid.conf are:

    
    cache_manager admin@charon
    cachemgr_passwd disable offline_toggle reconfigure shutdown
    cachemgr_passwd none all
    
    ...
    
    #acl localhost src 127.0.0.1/32
    acl localhost src 192.168.1.1/32
    
    

    192.168.1.1 is the address of the LAN interface

    Any ideas? Hints?

    cheers

    -bu





  • Thanks man!

    I like this solution, I do not mind that the page won't be integrated into pfsense's webConfigurator. I use Bandwithd too, so it won't be that strange  ;)

    Right now I cannot test it, but I will report back with the results tomorrow when I will try.

    -bu



  • @Exolon:

    Check this post:

    http://forum.pfsense.org/index.php?topic=67607.0

    ;)

    Exolon you're a star! it works like a treat  ;D



  • Hi,

    I added this to the custom configuration on squid GUI:

    
    cachemgr_passwd disable offline_toggle reconfigure shutdown;
    cachemgr_passwd myVerySecretMasswordForUserAdmin all;
    
    

    The ACL part you did I just added on GUI squid –> Access Control --> External Cache-Managers
    There I added just an IP address of one of my VLAN interfaces (LAN site).

    Then I will be prompted for username - which is admin - an my password myVerySecretMasswordForUserAdmin

    Not sure but if you do not use any password then it could be possible for someone from your LAN to check the cachmgr.cgi which probably should not be possible.

    PS:
    I am using squid 2.x and pfsense 2.0.3



  • @Nachtfalke:

    The ACL part you did I just added on GUI squid –> Access Control --> External Cache-Managers
    There I added just an IP address of one of my VLAN interfaces (LAN site).

    unfortunately, squid 3.x GUI does not have a 'External Cache-Managers ACL' under squid GUI –> ACLs

    Or maybe I am just blind and cannot see it  :)

    Then I will be prompted for username - which is admin - an my password myVerySecretMasswordForUserAdmin

    Not sure but if you do not use any password then it could be possible for someone from your LAN to check the cachmgr.cgi which probably should not be possible.

    On my network, pfSense webConfigurator is only accessible if you are in the "management" network… clients on the lan have to tunnel through VPN to access the management network and I am the only user allowed to get there... of course, I should probably set a password because "you never know"tm

    I will look into it. Thanks.

    -bu


Log in to reply