wh_at_msdrd.com wrote:
> I am running squid3 installed in debian (apt-get install squid3). I am
> trying to do some mac filtering but doing:
>
> acl accept arp 00:1A:78:4D:59:F6
> http_access allow accept
> http_access deny all
>
> But, when I try to to restart the server I get this message:
>
> Restarting Squid HTTP Proxy 3.0: squid3
> Waiting.....................done.
> 2008/12/03 16:41:08| aclParseAclLine: Invalid ACL type 'arp'
Your installed squid is not built with --enable-arp-acl
Due to the insecure nature of ARP, and limited uses it is not enabled by
default when building.
Please check up and make yourself aware of how ARP/MAC/EUI-32 Ethernet
addresses operate at the network layer and what their limits and
insecurities are before depending on it.
> 2008/12/03 16:41:08| storeDirWriteCleanLogs: Starting...
> 2008/12/03 16:41:08| Finished. Wrote 0 entries.
> 2008/12/03 16:41:08| Took 0.0 seconds ( 0.0 entries/sec).
> FATAL: Bungled squid.conf line 14: acl accept arp 00:1A:73:4D:58:F7
> Squid Cache (Version 3.0.PRE5): Terminated abnormally.
> CPU Usage: 0.012 seconds = 0.008 user + 0.004 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 0
> failed!
>
> I've read that I need to configure squid with option --enable-arp-acl.
>
> How can I do this since I didn't compile from source.
Firstly, upgrade to a later package marked STABLE, they are readily
available in the Debian Lenny repositories and are known to work well
with older Debian Etch installs.
I think it was added, but if you find otherwise please report it as a
bug for the Debian package maintainer to handle.
Amos
-- Please be using Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10 Current Beta Squid 3.1.0.2 or 3.0.STABLE11-RC1Received on Thu Dec 04 2008 - 13:14:50 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 04 2008 - 12:00:01 MST