Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cachemgr.cgi???

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 3 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      behind.you
      last edited by

      Hello everybody,

      I cannot for the love of [insert your deity here] make cachemgr.cgi work with squid3 (pfsense 2.1)

      I've followed to the 'T' this (dated) how to: https://forum.pfsense.org/index.php/topic,14609.msg77312.html

      Nothing… when access the Cache Manager page it asks for Manager Name and password... I tried all the combination I could think of... no access...

      my (relevant part) for squid.conf are:

      
      cache_manager admin@charon
      cachemgr_passwd disable offline_toggle reconfigure shutdown
      cachemgr_passwd none all
      
      ...
      
      #acl localhost src 127.0.0.1/32
      acl localhost src 192.168.1.1/32
      
      

      192.168.1.1 is the address of the LAN interface

      Any ideas? Hints?

      cheers

      -bu

      1 Reply Last reply Reply Quote 0
      • ExolonE
        Exolon
        last edited by

        Check this post:

        http://forum.pfsense.org/index.php?topic=67607.0

        ;)

        1 Reply Last reply Reply Quote 0
        • B
          behind.you
          last edited by

          Thanks man!

          I like this solution, I do not mind that the page won't be integrated into pfsense's webConfigurator. I use Bandwithd too, so it won't be that strange  ;)

          Right now I cannot test it, but I will report back with the results tomorrow when I will try.

          -bu

          1 Reply Last reply Reply Quote 0
          • B
            behind.you
            last edited by

            @Exolon:

            Check this post:

            http://forum.pfsense.org/index.php?topic=67607.0

            ;)

            Exolon you're a star! it works like a treat  ;D

            1 Reply Last reply Reply Quote 0
            • N
              Nachtfalke
              last edited by

              Hi,

              I added this to the custom configuration on squid GUI:

              
              cachemgr_passwd disable offline_toggle reconfigure shutdown;
              cachemgr_passwd myVerySecretMasswordForUserAdmin all;
              
              

              The ACL part you did I just added on GUI squid –> Access Control --> External Cache-Managers
              There I added just an IP address of one of my VLAN interfaces (LAN site).

              Then I will be prompted for username - which is admin - an my password myVerySecretMasswordForUserAdmin

              Not sure but if you do not use any password then it could be possible for someone from your LAN to check the cachmgr.cgi which probably should not be possible.

              PS:
              I am using squid 2.x and pfsense 2.0.3

              1 Reply Last reply Reply Quote 0
              • B
                behind.you
                last edited by

                @Nachtfalke:

                The ACL part you did I just added on GUI squid –> Access Control --> External Cache-Managers
                There I added just an IP address of one of my VLAN interfaces (LAN site).

                unfortunately, squid 3.x GUI does not have a 'External Cache-Managers ACL' under squid GUI –> ACLs

                Or maybe I am just blind and cannot see it  :)

                Then I will be prompted for username - which is admin - an my password myVerySecretMasswordForUserAdmin

                Not sure but if you do not use any password then it could be possible for someone from your LAN to check the cachmgr.cgi which probably should not be possible.

                On my network, pfSense webConfigurator is only accessible if you are in the "management" network… clients on the lan have to tunnel through VPN to access the management network and I am the only user allowed to get there... of course, I should probably set a password because "you never know"tm

                I will look into it. Thanks.

                -bu

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.