+ Post New Thread
Results 1 to 9 of 9
*nix Thread, Squid Dynamic ACL in Technical; Hi All, I have squid setup up running and I want to add IP addresses to a text file and ...
  1. #1

    Join Date
    Jun 2008
    Posts
    38
    Thank Post
    4
    Thanked 2 Times in 1 Post
    Rep Power
    13

    Squid Dynamic ACL

    Hi All,

    I have squid setup up running and I want to add IP addresses to a text file and load that into the squid config. Then I can just add a new IP address to the file and it will work without restarting the service.

    I have tried this in the config but it is not working:

    acl localnet src "path/to/file/trusted_ip.txt"

    obviously I changed the path to the correct one!

    Am I missing something? The txt file has only one ip address init that I am using to test with:

    10.143.20.96/255.255.255.255

    If i add this line:

    acl localnet src 10.143.20.96/255.255.255.255

    It works perfectly however, the ip address will be random and i do not want to have to restart the squid service.

    Is this possible?

  2. #2

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    17
    Yes, it's possible but you still have to tell squid to re-read its config file. Either run 'squid -k reconfigure' or send a HUP signal to the running process.

    What I do is have a background process running which watches the text file and sends squid a HUP (that's the Unix 'Hang Up' signal) whenever the file's timestamp changes.

  3. #3

    Join Date
    Jun 2008
    Posts
    38
    Thank Post
    4
    Thanked 2 Times in 1 Post
    Rep Power
    13
    Thanks for the reply, When I point the conf at the txt file it does not work. If I enter the IP into the conf file directly it works.

    Is there anything special I need to do to get IP addresses working from an external file?

  4. #4

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    slash notation should just be /255 no?

  5. #5

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Quote Originally Posted by nicklec View Post
    slash notation should just be /255 no?
    whut? No. 255.255.255.255 = /32.

    Classless Inter-Domain Routing - Wikipedia, the free encyclopedia

  6. #6

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    Quote Originally Posted by powdarrmonkey View Post
    Yeah sorry confused myself, have you added the line below the acl, "http_access allow aclname"?

  7. #7

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    17
    Have you made sure that the running squid process has permission to read the trusted_ip.txt file?

  8. #8

    Join Date
    Jun 2008
    Posts
    38
    Thank Post
    4
    Thanked 2 Times in 1 Post
    Rep Power
    13
    It defiantly has permissions to view it. it is very strange that putting it directly in the config works but the txt doesn't!

    Not sure what to try next!

  9. #9

    Join Date
    Jun 2008
    Posts
    38
    Thank Post
    4
    Thanked 2 Times in 1 Post
    Rep Power
    13
    all working now i started again from scratch and its fine!

    Thanks

SHARE:
+ Post New Thread

Similar Threads

  1. Squid3 - ACL
    By Hightower in forum *nix
    Replies: 6
    Last Post: 23rd January 2009, 11:32 AM
  2. ACL
    By kevin_lane in forum Coding
    Replies: 1
    Last Post: 19th December 2008, 06:09 PM
  3. Sticky ACL's samba
    By CyberNerd in forum *nix
    Replies: 4
    Last Post: 21st July 2008, 10:33 AM
  4. joomla acl
    By alonebfg in forum EduGeek Joomla 1.0 Package
    Replies: 1
    Last Post: 21st March 2008, 04:19 PM
  5. squid acl
    By browolf in forum *nix
    Replies: 20
    Last Post: 20th April 2007, 08:55 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •