Re: [squid-users] squidclient -h 127.0.0.1 -p 3128 mgr:info shows access denined

Jonathan Lee Wed, 17 Jul 2024 21:46:56 -0700

Again still no status page

This is the active php code used


function squid_status() {
        if (is_service_running('squid')) {
                init_config_arr(array('installedpackages', 
'squidcache','config'));
                $proxy_ifaces = explode(",", 
config_get_path('installedpackages/squid/config/0/active_interface', ''));
                foreach ($proxy_ifaces as $iface) {
                        if (get_interface_ip($iface)) {
                                $ip = get_interface_ip($iface);
                                $lip = '127.0.0.1';
                        } else {
                                $ip = get_interface_ipv6($iface);
                                $lip = '::1';
                        }
                        exec("/usr/local/sbin/squidclient -l " . 
escapeshellarg($lip) .
                                " -h " . escapeshellarg($ip) . " mgr:info", 
$result);
                }
        } else {
                return(gettext('Squid Proxy is not running.'));


I use to just append the password after mgr:info@password and it worked however 
now nothing….

Also 

squidclient -l 127.0.0.1 -h localhost mgr:info 

I get nothing with password removed  

> On Jul 17, 2024, at 21:08, Jonathan Lee <jonathanlee...@gmail.com> wrote:
> 
> 2024/07/17 21:07:37| Processing Configuration File: 
> /usr/local/etc/squid/squid.conf (depth 0)
> 2024/07/17 21:07:37| Processing: http_port 192.168.1.1:3128 ssl-bump 
> generate-host-certificates=on dynamic_cert_mem_cache_size=20MB 
> cert=/usr/local/etc/squid/serverkey.pem 
> cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ 
> cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
>  tls-dh=prime256v1:/etc/dh-parameters.2048 
> options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
> 2024/07/17 21:07:37| WARNING: UPGRADE: 
> 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in http_port. 
> Use 'tls-cafile=' instead.
> 2024/07/17 21:07:37| WARNING: Failed to decode EC parameters 
> '/etc/dh-parameters.2048'
>     OpenSSL-saved error #1: 0x1e08010c
> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_DH_USE
> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_ECDH_USE
> 2024/07/17 21:07:37| Processing: http_port 3128 intercept ssl-bump 
> generate-host-certificates=on dynamic_cert_mem_cache_size=20MB 
> cert=/usr/local/etc/squid/serverkey.pem 
> cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ 
> cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
>  tls-dh=prime256v1:/etc/dh-parameters.2048 
> options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
> 2024/07/17 21:07:37| Starting Authentication on port [::]:3128
> 2024/07/17 21:07:37| Disabling Authentication on port [::]:3128 (interception 
> enabled)
> 2024/07/17 21:07:37| WARNING: UPGRADE: 
> 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in http_port. 
> Use 'tls-cafile=' instead.
> 2024/07/17 21:07:37| WARNING: Failed to decode EC parameters 
> '/etc/dh-parameters.2048'
>     OpenSSL-saved error #1: 0x1e08010c
> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_DH_USE
> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_ECDH_USE
> 2024/07/17 21:07:37| Processing: https_port 3129 intercept ssl-bump 
> generate-host-certificates=on dynamic_cert_mem_cache_size=20MB 
> cert=/usr/local/etc/squid/serverkey.pem 
> cafile=/usr/local/share/certs/ca-root-nss.crt capath=/usr/local/share/certs/ 
> cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
>  tls-dh=prime256v1:/etc/dh-parameters.2048 
> options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
> 2024/07/17 21:07:37| Starting Authentication on port [::]:3129
> 2024/07/17 21:07:37| Disabling Authentication on port [::]:3129 (interception 
> enabled)
> 2024/07/17 21:07:37| WARNING: UPGRADE: 
> 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in https_port. 
> Use 'tls-cafile=' instead.
> 2024/07/17 21:07:37| WARNING: Failed to decode EC parameters 
> '/etc/dh-parameters.2048'
>     OpenSSL-saved error #1: 0x1e08010c
> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_DH_USE
> 2024/07/17 21:07:37| ERROR: Unsupported TLS option SINGLE_ECDH_USE
> 
> I removed the : and it processed 
> 
> 
>> On Jul 12, 2024, at 09:52, Amos Jeffries <squ...@treenet.co.nz> wrote:
>> 
>> On 13/07/24 04:16, Jonathan Lee wrote:
>>> tested with removal of IP and port failed If I leave port I get this
>>> 2024/07/12 09:15:17| Processing: http_port :3128 intercept
>> 
>> No  ":" before thr port number.
>> 
>> 
>> Amos
>> _______________________________________________
>> squid-users mailing list
>> squid-users@lists.squid-cache.org
>> https://lists.squid-cache.org/listinfo/squid-users
>

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] squidclient -h 127.0.0.1 -p 3128 mgr:info shows access denined

Reply via email to