First Last Prev Next    This bug is not in your last search results.
Bug 29576 - univention-squid: IPv6 funktiontiert nicht
univention-squid: IPv6 funktiontiert nicht
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Squid
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2-0-errata
Assigned To: Lukas Oyen
Janek Walkenhorst
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-12-05 18:17 CET by Janek Walkenhorst
Modified: 2017-06-19 15:04 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): IPv6
Max CVSS v3 score:

Attachments
Patchset to enable ipv6 in squid.conf (20.00 KB, application/x-tar)
2016-09-16 10:48 CEST, Lukas Oyen 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Janek Walkenhorst univentionstaff 2012-12-05 18:17:16 CET 
Wenn man auf einem IPv6-only System
 squid/allow/localnet=yes
setzt, dann ist der Zugriff auf den Proxy trotzdem gesperrt.

Das setzen von squid/allowfrom funktioniert auch nicht:

# ucr set squid/allowfrom='2001:db8::/32'
Setting squid/allowfrom
File: /etc/squid3/squid.conf
Traceback (most recent call last):
  File "<stdin>", line 145, in <module>
  File "/usr/lib/python2.6/dist-packages/ipaddr.py", line 1274, in __init__
    raise AddressValueError(addr[0])
ipaddr.AddressValueError: 2001:db8::
Comment 1 Moritz Bunkus 2014-03-26 11:50:46 CET 
Ja, das betrifft mich jetzt mit UCS 3.2 ebenfalls. Beide Punkte sind immer noch aktuell.
Comment 2 Lukas Oyen univentionstaff 2016-09-16 10:48:31 CEST 
Created attachment 8016 [details]
Patchset to enable ipv6 in squid.conf

Contained within the tar archive is a patchset to enable ipv6 in squid.conf. The following changes were made:

1) extend ACL rules `localhost`/`to_localhost` to allow ipv6 addresses
2) small code cleanup
3) extend the parsing of networks from UCR variables `squid/allowfrom` and `squid/parent/directnetworks` to recognize ipv6 networks
4) include all locally configured ipv6 addresses as known squid3 source addresses
Comment 3 Lukas Oyen univentionstaff 2017-04-20 16:12:00 CEST 
Fix to `squid/allowfrom` committed in r78854-r78856, YAML r78858.

The access from a IPv6 localnet should have been supported since the update in r77193.
Comment 4 Janek Walkenhorst univentionstaff 2017-06-19 12:35:53 CEST 
Tests: OK
Advisory: OK
Comment 5 Janek Walkenhorst univentionstaff 2017-06-19 15:04:46 CEST 
<http://errata.software-univention.de/ucs/4.2/46.html>
First Last Prev Next    This bug is not in your last search results.