Bug 43506

Summary: Не запускается squid
Product: Sisyphus Reporter: k_vadim
Component: alterator-squidAssignee: manowar <manowar>
Status: ASSIGNED --- QA Contact: qa-sisyphus
Severity: normal    
Priority: P5 CC: boyarsh, glebfm, manowar, shaba
Version: unstable   
Hardware: x86_64   
OS: Linux   

Description k_vadim 2022-08-12 14:45:42 MSK
Установил такую систему на виртуалку:
cat /etc/os-release 
NAME="starter kit"
VERSION="p10 (Hypericum)"
ID=altlinux
VERSION_ID=p10
PRETTY_NAME="ALT Starterkit (Hypericum)"
ANSI_COLOR="1;33"
CPE_NAME="cpe:/o:alt:starterkit:p10"
HOME_URL="http://en.altlinux.org/starterkits"
BUG_REPORT_URL="https://bugs.altlinux.org/"

Обновился как в мануалах, обновил ядро. Установил alterator, squid.
И дальше о проблеме. При выборе режима работы прокси на прозрачный режим. Он падает с такими сообщениями.
systemctl status squid.service 
× squid.service - Squid Web Proxy Server
     Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Fri 2022-08-12 13:39:41 MSK; 52min ago
       Docs: man:squid(8)
    Process: 97746 ExecStartPre=/usr/sbin/squid --foreground -z (code=exited, status=0/SUCCESS)
    Process: 97749 ExecStart=/usr/sbin/squid --foreground -sYC $SQUID_OPTS -f $SQUID_CONF (code=exited, status=1/FAILURE)
   Main PID: 97749 (code=exited, status=1/FAILURE)
        CPU: 267ms

авг 12 13:39:41 base squid[97763]: ERROR: No forward-proxy ports configured.
авг 12 13:39:41 base squid[97763]: storeDirWriteCleanLogs: Starting...
авг 12 13:39:41 base squid[97763]:   Finished.  Wrote 0 entries.
авг 12 13:39:41 base squid[97763]:   Took 0.00 seconds (  0.00 entries/sec).
авг 12 13:39:41 base squid[97763]: FATAL: mimeLoadIcon: cannot parse internal URL: http://base:0/squid-internal-static/icons/silk/image.png
авг 12 13:39:41 base squid[97763]: Squid Cache (Version 4.15): Terminated abnormally.
авг 12 13:39:41 base squid[97749]: Squid Parent: squid-1 process 97763 exited with status 1
авг 12 13:39:41 base squid[97749]: Squid Parent: squid-1 process 97763 will not be restarted for 3600 seconds due to repeated, frequent fail>
авг 12 13:39:41 base squid[97749]: Exiting due to repeated, frequent failures
авг 12 13:39:41 base squid[97749]: Removing PID file (/var/run/squid.pid)
[root@base ~]# systemctl stop squid.service 
[root@base ~]# systemctl start squid.service 
Job for squid.service failed because the control process exited with error code.
See "systemctl status squid.service" and "journalctl -xeu squid.service" for details.
[root@base ~]# journalctl -xeu squid
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: ERROR: No forward-proxy ports configured.
авг 12 14:32:19 base squid[97895]: storeDirWriteCleanLogs: Starting...
авг 12 14:32:19 base squid[97895]:   Finished.  Wrote 0 entries.
авг 12 14:32:19 base squid[97895]:   Took 0.00 seconds (  0.00 entries/sec).
авг 12 14:32:19 base squid[97895]: FATAL: mimeLoadIcon: cannot parse internal URL: http://base:0/squid-internal-static/icons/silk/image.png
авг 12 14:32:19 base squid[97895]: Squid Cache (Version 4.15): Terminated abnormally.
авг 12 14:32:19 base squid[97881]: Squid Parent: squid-1 process 97895 exited with status 1
авг 12 14:32:19 base squid[97881]: Squid Parent: squid-1 process 97895 will not be restarted for 3600 seconds due to repeated, frequent fail>
авг 12 14:32:19 base squid[97881]: Exiting due to repeated, frequent failures
авг 12 14:32:19 base squid[97881]: Removing PID file (/var/run/squid.pid)

Потом решил проверить, что написано в конфиге сквида, таким образом:
squid -k parse
2022/08/12 14:39:13| Startup: Initializing Authentication Schemes ...
2022/08/12 14:39:13| Startup: Initialized Authentication Scheme 'basic'
2022/08/12 14:39:13| Startup: Initialized Authentication Scheme 'digest'
2022/08/12 14:39:13| Startup: Initialized Authentication Scheme 'negotiate'
2022/08/12 14:39:13| Startup: Initialized Authentication Scheme 'ntlm'
2022/08/12 14:39:13| Startup: Initialized Authentication.
2022/08/12 14:39:13| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2022/08/12 14:39:13| Processing: acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)
2022/08/12 14:39:13| Processing: acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)
2022/08/12 14:39:13| Processing: acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)
2022/08/12 14:39:13| Processing: acl localnet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines
2022/08/12 14:39:13| Processing: acl localnet src 172.16.0.0/12		# RFC 1918 local private network (LAN)
2022/08/12 14:39:13| Processing: acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)
2022/08/12 14:39:13| Processing: acl localnet src fc00::/7       	# RFC 4193 local private network range
2022/08/12 14:39:13| Processing: acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines
2022/08/12 14:39:13| Processing: acl SSL_ports port 563    # SNEWS (C)
2022/08/12 14:39:13| Processing: acl Safe_ports port 70    # GOPHER
2022/08/12 14:39:13| Processing: acl Safe_ports port 873    # RSYNC
2022/08/12 14:39:13| Processing: acl Safe_ports port 210    # WAIS
2022/08/12 14:39:13| Processing: acl Safe_ports port 280    # HTTP-MGMT
2022/08/12 14:39:13| Processing: acl Safe_ports port 591    # Filemaker
2022/08/12 14:39:13| Processing: acl Safe_ports port 21    # FTP
2022/08/12 14:39:13| Processing: acl Safe_ports port 488    # GSS-HTTP
2022/08/12 14:39:13| Processing: acl SSL_ports port 443    # HTTPS (C)
2022/08/12 14:39:13| Processing: acl Safe_ports port 777    # Multilingual HTTP
2022/08/12 14:39:13| Processing: acl Safe_ports port 631    # CUPS
2022/08/12 14:39:13| Processing: acl Safe_ports port 1025-65535   # Other ports
2022/08/12 14:39:13| Processing: acl Safe_ports port 80    # HTTP
2022/08/12 14:39:13| Processing: acl Safe_ports port 901    # SWAT
2022/08/12 14:39:13| Processing: acl CONNECT method CONNECT
2022/08/12 14:39:13| Processing: http_access deny !Safe_ports
2022/08/12 14:39:13| Processing: http_access deny CONNECT !SSL_ports
2022/08/12 14:39:13| Processing: http_access allow localhost manager
2022/08/12 14:39:13| Processing: http_access deny manager
2022/08/12 14:39:13| Processing: http_access deny !Safe_ports !SSL_ports
2022/08/12 14:39:13| Processing: acl CONNECT method CONNECT
2022/08/12 14:39:13| Processing: http_access deny CONNECT !SSL_ports
2022/08/12 14:39:13| Processing: acl our_networks src 172.16.1.0/24    # localnet
2022/08/12 14:39:13| Processing: acl our_networks src 127.0.0.0/8    # LOCALHOST
2022/08/12 14:39:13| Processing: http_access deny !our_networks
2022/08/12 14:39:13| Processing: http_access allow all
2022/08/12 14:39:13| Processing: http_access deny all
2022/08/12 14:39:13| Processing: http_port 3128 transparent
2022/08/12 14:39:13| Starting Authentication on port [::]:3128
2022/08/12 14:39:13| Disabling Authentication on port [::]:3128 (interception enabled)
2022/08/12 14:39:13| Processing: coredump_dir /var/spool/squid
2022/08/12 14:39:13| Processing: refresh_pattern ^ftp:		1440	20%	10080
2022/08/12 14:39:13| Processing: refresh_pattern ^gopher:	1440	0%	1440
2022/08/12 14:39:13| Processing: refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
2022/08/12 14:39:13| Processing: refresh_pattern .		0	20%	4320
2022/08/12 14:39:13| Initializing https:// proxy context

И вот тут нашел ошибку.
2022/08/12 14:39:13| Processing: http_port 3128 transparent
Параметр transparent уже не поддерживается. На сколько мне не изменяет память.
Там должно быть 
2022/08/12 14:39:13| Processing: http_port 3128 intercept
И да если указывать только http_port 3128 intercept, без http_port 3129 или любой другой порт, то сквид, так же не запускается.
Comment 1 k_vadim 2022-08-12 15:01:21 MSK
Я кажется нашел, где кроется проблема она кроется, если я не ошибаюсь в файле ajax.scm по этому пути
ls /usr/share/alterator/ui/squid/safe-ports/ajax.scm
Comment 2 k_vadim 2022-08-15 12:57:22 MSK
Еще было бы не плохо, чтобы через веб-интерфейс можно было бы добавлять порты, имеется ввиду, когда изменяешь режим работы сквида, то в конфиге просто меняется номер порта, а если надо чтобы было два или три порта, то приходится изменять только через конфиг. А через веб-морду не получится, потому как нет такой возможности.