Jump to content
Kev

Squid test config file for syntax errors

Recommended Posts

squid-logo.png

Quote

 

installed Squid Proxy server on Ubuntu 20.04 LTS. How do I make sure my squid.conf file is free from syntax errors and test config file for errors?

 

Wherever you changed or updated the Squid proxy server, you should verify that your squid.conf file is error-free. It is an easy task. To check the squid.conf file for any syntax errors and warnings type the following commands.

 

How-to-Squid-test-or-check-config-file-f

 

Test or check your Squid proxy server configuration file for Errors

Open the Terminal Window and then type the following command. For remote Linux and Unix server login using the ssh command:

$ ssh vivek@server1.cyberciti.biz

Now run the following command as root user:
 

Quote

# squid -k parse
## OR use full path ##
$ sudo /usr/sbin/squid3 -k parse
## Filter out error using the grep command/egrep command ##
# squid -k parse | grep 'error'
# squid -k parse | egrep 'foo|bar'

 

Sample session:

2020/08/08 08:16:42| Startup: Initializing Authentication Schemes ...
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'basic'
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'digest'
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'negotiate'
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'ntlm'
2020/08/08 08:16:42| Startup: Initialized Authentication.
2020/08/08 08:16:42| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2020/08/08 08:16:42| Processing: acl mylan src 10.8.0.0/24
2020/08/08 08:16:42| Processing: acl mylan src 172.16.0.0/24
2020/08/08 08:16:42| Processing: acl SSL_ports port 443
2020/08/08 08:16:42| Processing: acl Safe_ports port 80          # http
2020/08/08 08:16:42| Processing: acl Safe_ports port 21          # ftp
2020/08/08 08:16:42| Processing: acl Safe_ports port 443         # https
2020/08/08 08:16:42| Processing: acl Safe_ports port 70          # gopher
2020/08/08 08:16:42| Processing: acl Safe_ports port 210         # wais
2020/08/08 08:16:42| Processing: acl Safe_ports port 1025-65535  # unregistered ports
2020/08/08 08:16:42| Processing: acl Safe_ports port 280         # http-mgmt
2020/08/08 08:16:42| Processing: acl Safe_ports port 488         # gss-http
2020/08/08 08:16:42| Processing: acl Safe_ports port 591         # filemaker
2020/08/08 08:16:42| Processing: acl Safe_ports port 777         # multiling http
2020/08/08 08:16:42| Processing: acl CONNECT method CONNECT
2020/08/08 08:16:42| Processing: http_access deny !Safe_ports
2020/08/08 08:16:42| Processing: http_access deny CONNECT !SSL_ports
2020/08/08 08:16:42| Processing: http_access allow localhost manager
2020/08/08 08:16:42| Processing: http_access deny manager
2020/08/08 08:16:42| Processing: http_access allow localhost
2020/08/08 08:16:42| Processing: http_access allow mylan
2020/08/08 08:16:42| Processing: http_access deny all
2020/08/08 08:16:42| Processing: http_port 10.8.0.1:3128
2020/08/08 08:16:42| Processing: dns_v4_first on
2020/08/08 08:16:42| Processing: tcp_outgoing_address 13.xxx.yyy.zzz
2020/08/08 08:16:42| Processing: cache_mem 256 MB
2020/08/08 08:16:42| Processing: cache_dir diskd /var/spool/squid 1024 16 256 Q1=72 Q2=64
2020/08/08 08:16:42| Processing: access_log daemon:/var/log/squid/access.log squid
2020/08/08 08:16:42| Processing: coredump_dir /var/spool/squid
2020/08/08 08:16:42| Processing: refresh_pattern ^ftp:           1440    20%     10080
2020/08/08 08:16:42| Processing: refresh_pattern ^gopher:        1440    0%      1440
2020/08/08 08:16:42| Processing: refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
2020/08/08 08:16:42| Processing: refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
2020/08/08 08:16:42| Processing: refresh_pattern .               0       20%     4320
2020/08/08 08:16:42| Processing: forwarded_for delete
2020/08/08 08:16:42| Processing: via off
2020/08/08 08:16:42| Processing: forwarded_for off
2020/08/08 08:16:42| Processing: follow_x_forwarded_for deny all
2020/08/08 08:16:42| Processing: request_header_access X-Forwarded-For deny all
2020/08/08 08:16:42| Processing: forwarded_for delete
2020/08/08 08:16:42| Processing: dns_nameservers 10.8.0.1
2020/08/08 08:16:42| WARNING: HTTP requires the use of Via
2020/08/08 08:16:42| Initializing https:// proxy context

Example of error reported when we do Squid check config file for syntax errors

# squid -k parse
2020/08/08 08:21:07| Processing: viaproxy off
2020/08/08 08:21:07| /etc/squid/squid.conf:40 unrecognized: 'viaproxy'

Edit the config file and fix that error:

# vim +40 /etc/squid/squid.conf

Find:

viaproxy off

Replace with:

via off

Save and close the file. Now test it again:

# squid -k parse

Now we can reload our squid proxy server without restarting squid daemon as follows:

# squid -k reconfigure

 

How to syntax check the squid configuration file

It is always good to run a ‘squid -k parse‘ and ‘squid -k debug‘ commands to check config syntax error whenever you change your configuration for the proxy server. Please note that Squid refused to start if it detects an error. Hence, we need to make sure there are no errors when the server reboots for kernel updates. If an error exists, Squid will remain down till sysadmin fix syntax errors.

 

Other useful Squid proxy options

The syntax is:

# squid -k command

OR

$ sudo squid -k command

Where command can be any one of the following:

  • reconfigure : Sends a HUP signal to Squid to re-read its configuration files.
  • rotate : Rotate log files.
  • shutdown : Sends a TERM signal to Squid to wait briefly for current connections to finish and then shutdown server. The amount of time to wait is specified with shutdown_lifetime options in squid.conf file.
  • restart : Restart the server
  • interrupt : Sends an INT signal to Squid server. It shutdown immediately, without waiting for current connections.
  • kill : Kill proxy server by sending a KILL signal.
  • debug : Run squid in full debugging mode.
  • check : Sends a “ZERO” signal to the Squid server. This simply checks whether or not the server/process is actually running on your Linux/Unix/BSD box.
  • parse : Parses the squid.conf file for syntax errors.

 

Conclusion

You learned how to parse Squid proxy server configuration file, then send signal to running copy and exit to the CLI. This is useful to test or check for syntax errors in squid.conf and other files. See Squid Proxy server documents for more information.

 

Source

Edited by Kev
replace numbered list
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...