Bug #4526
closedIncorrect subnet is calculated for proxy server on WAN with "Allow users on interface"
0%
Description
steps to rep:
1. WAN IP is a non-RFC1918 IP;
2. Proxy server is on WAN;
3. "Allow users on interface" checkbox is checked;
This will cause proxy stop working and logs will contain:php-fpm[24532]: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was '2015/03/17 19:07:48| aclParseIpData: unknown netmask '0.91519559599079' in '80.64.24.129/0.91519559599079' FATAL: Bungled /usr/pbi/squid-amd64/local/etc/squid/squid.conf line 25: acl localnet src 80.64.24.129/0.91519559599079 Squid Cache (Version 3.4.10): Terminated abnormally. CPU Usage: 0.037 seconds = 0.030 user + 0.007 sys Maximum Resident Size: 47680 KB Page faults with physical i/o: 0'
Squid 3.4.10_2 pkg 0.2.6 @ pfSense 2.2 x64;
Checkbox description is not fair either:If this field is checked, the users connected to the interface selected in the 'Proxy interface' field will be allowed to use the proxy, i.e., there will be no need to add the interface's subnet to the list of allowed subnets. This is just a shortcut.
It should be something like that:Automatically allow access for selected proxy interfaces subnets