Is it possible to use this image as an http proxy. When the following statement
http_port 3128 ssl-bump
generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB
cert=/etc/config/myca.pem
key=/etc/config/myca.pem
is added to the config file, then the following error occurs
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
(security_file_certgen): Uninitialized SSL certificate database directory: /var/cache/squid/ssl_db. To initialize, run "security_file_certgen -c -s /var/cache/squid/ssl_db".
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
(security_file_certgen): Uninitialized SSL certificate database directory: /var/cache/squid/ssl_db. To initialize, run "security_file_certgen -c -s /var/cache/squid/ssl_db".
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2019/01/29 20:49:39 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted

Do you know what could be wrong?

I was wondering if there were any plans to use an updated alpine image any time soon. We are using the 5.7 image, and scans show vulnerabilities. Or if you have any recommendations to deal with them. Thanks in advance.

why do you enable negotiate wrapper auth but doesn't enable kerberos auth? The build image doesn't enable it. Afterwards image can't use the kerberos auth. Btw, thanks for your effort you are the only one to keep update the squid docker image.

Hi Dmitry,

I noticed that the current setting of squid.conf is:

$ diff -wU 1 squid.conf.default squid.conf
--- squid.conf.default  2019-08-06 09:34:21.000000000 -0400
+++ squid.conf  2019-08-06 09:34:30.000000000 -0400
@@ -76 +76,2 @@
 refresh_pattern .              0       20%     4320
+include /etc/squid/conf.d/*.conf

However, there are cases that settings need to be added to the front of squid.conf, e.g., when specifying squid authentication -- better put up front. Would you consider adding it please?

If so, I propose something like this:

$ diff -wU 1 squid.conf.default squid.conf
--- squid.conf.default  2019-08-06 09:34:21.000000000 -0400
+++ squid.conf  2019-08-08 17:35:37.239905486 -0400
@@ -1 +1,2 @@
+include /etc/squid/conf.d/front-*.conf
 #
@@ -76 +77,2 @@
 refresh_pattern .              0       20%     4320
+include /etc/squid/conf.d/rear-*.conf

The use of pair front/rear is the best I came up so far. E.g., if using append/prepend, then the file order would be wrong (those being appended are showing in the front when doing ls). The pair begin/end is OK by the order, but I was looking for a prefix pair that of similar length (if not the same).

Please consider.
Thanks!

Under load the squid container seems to restart the process very often and drop all current connections.

kid1| assertion failed: tunnel.cc:1227: "!waitingForConnectExchange"
    current master transaction: master55

Hi,

When I try to use b4tman/squid, I'll get the "Recv failure: Connection reset by peer" error:

$ docker run -d -p 3128:3128 b4tman/squid
0fbd6e8d8d34d601f699527734e45dba197aa7af95dcf79d93ae3cf17f3f84d2

$ curl --proxy http://localhost:3128 http://google.com
curl: (56) Recv failure: Connection reset by peer

My b4tman/squid is the latest that I got minutes ago.

$ docker images | grep squid 
b4tman/squid           latest              487ec5b0a870        29 hours ago        29.9MB

Please help. THX!

I'm using latest image from ghcr.io/b4tman/squid-ssl-bump, and it seems it has issues with permissions.

ghcr.io/b4tman/squid-ssl-bump:6.7 doesn't work

ghcr.io/b4tman/squid-ssl-bump:6.6 - works well

SIGHUP does not seem to work

docker kill --signal=SIGHUP mysquidcontainername

When I use the command 'docker restart squid8012-edge' to restart the containers, Squid does not restart properly and this error occurs.
Is there a configuration error? Please advise, thank you.

squid8012-edge  | 2023/07/06 19:16:46| WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| Processing Configuration File: /etc/squid/squid.conf (depth 0)
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| Created PID file (/var/run/squid/squid.pid)
squid8012-edge  | 2023/07/06 19:16:46 kid1| WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.
squid8012-edge  | 2023/07/06 19:16:46 kid1| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46 kid1| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46 kid1| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46 kid1| Processing Configuration File: /etc/squid/squid.conf (depth 0)
squid8012-edge  | 2023/07/06 19:16:46 kid1| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46 kid1| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46 kid1| Set Current Directory to /var/spool/squid
squid8012-edge  | 2023/07/06 19:16:46 kid1| Creating missing swap directories
squid8012-edge  | 2023/07/06 19:16:46 kid1| No cache_dir stores are configured.
squid8012-edge  | 2023/07/06 19:16:46| Removing PID file (/var/run/squid/squid.pid)
squid8012-edge  | 2023/07/06 19:16:46| WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| Processing Configuration File: /etc/squid/squid.conf (depth 0)
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| aclIpParseIpData: IPv6 has not been enabled.
squid8012-edge  | 2023/07/06 19:16:46| Created PID file (/var/run/squid/squid.pid)
squid8012-edge  | 2023/07/06 19:16:46 kid1| WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.
squid8012-edge  | 2023/07/06 19:16:46 kid1| aclIpParseIpData: IPv6 has not been enabled.

#docker compose file

  squid8012-edge:
    image: b4tman/squid:v6
    container_name: squid8012-edge
    ports:
      - "3128:3128"
    volumes:
      - /docker-data/squid8012-edge/etc/squid/squid.conf:/etc/squid/squid.conf
      - /docker-data/squid8012-edge/etc/squid/ssl:/etc/squid/ssl
      - /docker-data/squid8012-edge/var/spool/squid:/var/spool/squid
      - /docker-data/squid8012-edge/var/logs/squid:/var/log/squid
    environment:
      - TZ=Asia/Shanghai
    networks:
      squid_network:
        ipv4_address: 172.16.0.212
    restart: always

Build: https://cloud.drone.io/b4tman/docker-squid/52/1/2
Docker version: 19.03.8

WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.13/main: temporary error (try again later)

111 | fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/community/armhf/APKINDEX.tar.gz
112 | 4157952912:error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time:crypto/asn1/a_time.c:330:

Release Notes for Alpine 3.13.0

Alpine Linux 3.13.0 requires the host Docker to be version 19.03.9 (which contains backported moby commit 89fabf0) or greater and the host libseccomp to be version 2.4.2 (which contains backported libseccomp commit bf747eb) or greater.

When running docker-compose, it is found that the time zone displayed in the docker logs log is not the local time zone. If docker alpine wants to set the local time zone, the following modifications need to be made:

apk add tzdata

`
FROM alpine:3.19.1 as build

ARG SQUID_VER=6.8

RUN set -x &&
apk add --no-cache
gcc
g++
libc-dev
curl
gnupg
openssl-dev
openssl-libs-static
perl-dev
autoconf
automake
make
pkgconfig
heimdal-dev
libtool
libcap-dev
linux-headers

WORKDIR /tmp/build

RUN set -x &&
curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz -o squid-${SQUID_VER}.tar.gz &&
curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz.asc -o squid-${SQUID_VER}.tar.gz.asc

COPY squid-keys.asc /tmp/build

RUN set -x &&
GNUPGHOME="$(mktemp -d)" &&
export GNUPGHOME &&
gpg --import squid-keys.asc &&
gpg --batch --verify squid-${SQUID_VER}.tar.gz.asc squid-${SQUID_VER}.tar.gz &&
rm -rf "$GNUPGHOME"

RUN set -x &&
tar --strip 1 -xzf squid-${SQUID_VER}.tar.gz &&

MACHINE=$(uname -m) &&

CFLAGS="-g0 -O2"
CXXFLAGS="-g0 -O2"
LDFLAGS="-s"

./configure
--build="$MACHINE"
--host="$MACHINE"
--prefix=/usr
--datadir=/usr/share/squid
--sysconfdir=/etc/squid
--libexecdir=/usr/lib/squid
--localstatedir=/var
--with-logdir=/var/log/squid
--disable-strict-error-checking
--disable-arch-native
--enable-removal-policies="lru,heap"
--enable-auth-digest
--enable-auth-basic="getpwnam,NCSA,DB,RADIUS"
--enable-basic-auth-helpers="DB"
--enable-epoll
--enable-external-acl-helpers="file_userip,unix_group,wbinfo_group"
--enable-auth-ntlm="fake"
--enable-auth-negotiate="kerberos,wrapper"
--enable-silent-rules
--disable-mit
--enable-heimdal
--enable-delay-pools
--enable-arp-acl
--enable-openssl
--enable-ssl-crtd
--enable-security-cert-generators="file"
--enable-ident-lookups
--enable-useragent-log
--enable-cache-digests
--enable-referer-log
--enable-async-io
--enable-truncate
--enable-arp-acl
--enable-htcp
--enable-carp
--enable-epoll
--enable-follow-x-forwarded-for
--enable-storeio="diskd rock"
--enable-ipv6
--enable-translation
--enable-snmp
--disable-dependency-tracking
--with-large-files
--with-default-user=squid
--with-openssl
--with-pidfile=/var/run/squid/squid.pid

RUN set -x &&
nproc=$(n=$(nproc) ; max_n=6 ; echo $(( n <= max_n ? n : max_n )) ) &&
make -j $nproc &&
make install

WORKDIR /tmp/build/tools/squidclient
RUN make && make install-strip

RUN sed -i '1s;^;include /etc/squid/conf.d/.conf\n;' /etc/squid/squid.conf &&
echo 'include /etc/squid/conf.d.tail/.conf' >> /etc/squid/squid.conf

--- --- --- --- --- --- --- --- ---

FROM alpine:3.19.1

ENV SQUID_CONFIG_FILE /etc/squid/squid.conf
ENV TZ Europe/Moscow

RUN set -x &&
deluser squid 2>/dev/null; delgroup squid 2>/dev/null;
addgroup -S squid -g 3128 && adduser -S -u 3128 -G squid -g squid -H -D -s /bin/false -h /var/cache/squid squid

RUN apk add --no-cache
libstdc++
heimdal-libs
libcap
libltdl
tzdata

COPY --from=build /etc/squid/ /etc/squid/
COPY --from=build /usr/lib/squid/ /usr/lib/squid/
COPY --from=build /usr/share/squid/ /usr/share/squid/
COPY --from=build /usr/sbin/squid /usr/sbin/squid
COPY --from=build /usr/bin/squidclient /usr/bin/squidclient

RUN install -d -o squid -g squid
/var/cache/squid
/var/log/squid
/var/run/squid &&
chmod +x /usr/lib/squid/* &&
install -d -m 755 -o squid -g squid
/etc/squid/conf.d
/etc/squid/conf.d.tail &&
touch /etc/squid/conf.d/placeholder.conf
COPY squid-log.conf /etc/squid/conf.d.tail/

RUN set -x &&
apk add --no-cache --virtual .tz alpine-conf tzdata &&
/sbin/setup-timezone -z $TZ &&
apk del .tz

VOLUME ["/var/cache/squid"]
EXPOSE 3128/tcp

USER squid

CMD ["sh", "-c", "rm -f /var/run/squid/squid.pid ; /usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -z && exec /usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -YCd 1"]

`

Required for managing credentials on mysql, but not included?
https://wiki.squid-cache.org/ConfigExamples/Authenticate/Mysql

b4tman/squid:5.2

/ $ ls -alh /usr/lib/squid
total 508K
drwxr-xr-x    2 root     root        4.0K Oct  4 13:58 .
drwxr-xr-x    1 root     root        4.0K Oct  4 13:58 ..
-rwxr-xr-x    1 root     root       13.8K Oct  4 13:58 basic_getpwnam_auth
-rwxr-xr-x    1 root     root       26.0K Oct  4 13:58 basic_ncsa_auth
-rwxr-xr-x    1 root     root       82.1K Oct  4 13:58 cachemgr.cgi
-rwxr-xr-x    1 root     root       21.8K Oct  4 13:58 digest_file_auth
-rwxr-xr-x    1 root     root       21.8K Oct  4 13:58 diskd
-rwxr-xr-x    1 root     root       17.8K Oct  4 13:58 ext_file_userip_acl
-rwxr-xr-x    1 root     root       17.8K Oct  4 13:58 ext_unix_group_acl
-rwxr-xr-x    1 root     root        5.0K Oct  4 13:58 ext_wbinfo_group_acl
-rwxr-xr-x    1 root     root        7.0K Oct  4 13:58 helper-mux
-rwxr-xr-x    1 root     root       12.7K Oct  4 13:58 log_db_daemon
-rwxr-xr-x    1 root     root       13.8K Oct  4 13:58 log_file_daemon
-rwxr-xr-x    1 root     root       13.7K Oct  4 13:58 negotiate_kerberos_auth
-rwxr-xr-x    1 root     root       13.6K Oct  4 13:58 negotiate_kerberos_auth_test
-rwxr-xr-x    1 root     root       21.7K Oct  4 13:58 negotiate_wrapper_auth
-rwxr-xr-x    1 root     root       25.8K Oct  4 13:58 ntlm_fake_auth
-rwxr-xr-x    1 root     root        7.3K Oct  4 13:58 security_fake_certverify
-rwxr-xr-x    1 root     root       94.1K Oct  4 13:58 security_file_certgen
-rwxr-xr-x    1 root     root        4.0K Oct  4 13:58 storeid_file_rewrite
-rwxr-xr-x    1 root     root       14.0K Oct  4 13:58 unlinkd
-rwxr-xr-x    1 root     root       13.8K Oct  4 13:58 url_fake_rewrite
-rwxr-xr-x    1 root     root        2.5K Oct  4 13:58 url_fake_rewrite.sh
-rwxr-xr-x    1 root     root        4.6K Oct  4 13:58 url_lfs_rewrite

I am trying to use the 6.6-ssl-bump image, and it fails, you can help?

My logs

squid  | 2024/01/21 01:28:01 kid1| Adding domain sa-east-1.compute.internal from /etc/resolv.conf
squid  | 2024/01/21 01:28:01 kid1| Adding nameserver 127.0.0.11 from /etc/resolv.conf
squid  | 2024/01/21 01:28:01 kid1| Adding ndots 1 from /etc/resolv.conf
squid  | 2024/01/21 01:28:01 kid1| Logfile: opening log stdio:/proc/self/fd/1
squid  | 2024/01/21 01:28:01 kid1| Not currently OK to rewrite swap log.
squid  | 2024/01/21 01:28:01 kid1| storeDirWriteCleanLogs: Operation aborted.
squid  | 2024/01/21 01:28:01 kid1| FATAL: Cannot open '/proc/self/fd/1' for writing.
squid  | 	The parent directory must be writeable by the
squid  | 	user 'squid', which is the cache_effective_user
squid  | 	set in squid.conf.
squid  | 2024/01/21 01:28:01 kid1| Squid Cache (Version 6.5): Terminated abnormally.
squid  | 2024/01/21 01:28:01| Removing PID file (/var/run/squid/squid.pid)

My docker-compose.yml

version: '3.9'

x-logging: &logging
  logging:
    driver: "json-file"
    options:
      max-size: "10m"
      max-file: "1"

services:
  tor:
    image: dperson/torproxy
    container_name: tor
    restart: unless-stopped

  squid:
    ports:
      - 3199:3199 # TOR
    image: 'b4tman/squid:6.6-ssl-bump'
    volumes:
      - './config/:/etc/squid/conf.d/'
    container_name: squid
    environment:
      - SQUID_CONFIG_FILE=/etc/squid/conf.d/squid.conf
    extra_hosts:
      - 'host.docker.internal:host-gateway'
    healthcheck:
      test: [ CMD-SHELL, 'export https_proxy=127.0.0.1:3199 && export http_proxy=127.0.0.1:3199 && wget -q -Y on  -O - https://checkip.amazonaws.com || exit 1' ]
      retries: 5
      timeout: 10s
      start_period: 60s
      interval: 300s
    ulimits:
      nofile: { soft: 65536, hard: 65536 }
    restart: always

squid.conf

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl Allowed_IP src "/etc/squid/conf.d/allowed_ip.txt"

http_access allow Allowed_IP
http_access allow localnet
http_access allow localhost manager
http_access deny manager
http_access allow all # cambio deny por allow

acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 443
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

cache allow all
cache_dir ufs /var/cache/squid 5000 16 256
maximum_object_size 8 MB
cache_mem 256 MB
refresh_pattern ^http://   0   20%   60
refresh_pattern ^https://  0   20%   60

# Otras configuraciones
visible_hostname unkown
forwarded_for off
request_header_access X-Forwarded-For deny all
request_header_access Cache-Control allow all # cambio deny por allow
request_header_access Via deny all

reply_header_access X-Forwarded-For deny all
reply_header_access Cache-Control allow all # cambio deny por allow
reply_header_access Via deny all
reply_header_access X-Squid-Error deny all

never_direct allow all

server_persistent_connections off
client_persistent_connections off

access_log stdio:/proc/self/fd/1 combined

# Define una ACL para el puerto 3199 ######### TOR-PROXY
http_port 3199
acl puerto_3199 localport 3199
http_access allow puerto_3199
cache_peer tor parent 8118 0 no-digest no-netdb-exchange connect-fail-limit=2 connect-timeout=8 round-robin no-query allow-miss proxy-only name=tor
cache_peer_access tor allow puerto_3199

this is a nice repo i have used for one year, but after upgrading my raspberry pi to 64bit OS, it's not supported. so i start to build this docker image by tag v4.16.0, this is a good version for me. here is the build error:
`

[linux/arm64 build 9/11] RUN set -x && cd /tmp/build && nproc=$(n=$(nproc) ; max_n=6 ; [ $n -le $max_n ] && echo $n || echo $max_n) && make -j $nproc && make install && cd tools/squidclient && make && make install-strip:
#17 0.083 + cd /tmp/build
#17 0.090 + nproc
#17 0.105 + n=2
#17 0.106 + max_n=6
#17 0.108 + '[' 2 -le 6 ]
#17 0.113 + echo 2
#17 0.116 + nproc=2
#17 0.117 + make -j 2
#17 0.217 Making all in compat
#17 0.271 make[1]: Entering directory '/tmp/build/compat'
#17 0.291 CXX assert.lo
#17 0.294 CXX compat.lo
#17 2.194 CXX debug.lo
#17 2.664 CC eui64_aton.lo
#17 4.217 CXX getaddrinfo.lo
#17 4.996 CXX getnameinfo.lo
#17 6.198 CC GnuRegex.lo
#17 6.942 CXX inet_ntop.lo
#17 7.684 CXX inet_pton.lo
#17 8.981 CXX memrchr.lo
#17 9.695 CXX shm.lo
#17 10.96 CXX statvfs.lo
#17 12.12 CXX strnstr.lo
#17 12.91 CC strnrchr.lo
#17 15.05 CXX xalloc.lo
#17 15.21 CXX xstrerror.lo
#17 17.98 CXX xstring.lo
#17 17.99 CXX xstrto.lo
#17 21.04 CXX mswindows.lo
#17 22.90 CXXLD libcompatsquid.la
#17 24.93 make[1]: Leaving directory '/tmp/build/compat'
#17 24.93 Making all in lib
#17 24.99 make[1]: Entering directory '/tmp/build/lib'
#17 25.05 Making all in ntlmauth
#17 25.10 make[2]: Entering directory '/tmp/build/lib/ntlmauth'
#17 25.12 CXX ntlmauth.lo
#17 33.70 CXXLD libntlmauth.la
#17 34.73 make[2]: Leaving directory '/tmp/build/lib/ntlmauth'
#17 34.79 make[2]: Entering directory '/tmp/build/lib'
#17 34.81 CC base64.lo
#17 34.81 CC charset.lo
#17 37.14 CC html_quote.lo
#17 38.52 CC md5.lo
#17 39.86 CC rfc1738.lo
#17 42.32 CC rfc2617.lo
#17 43.13 CXX hash.lo
#17 45.46 CC getfullhostname.lo
#17 47.75 CC heap.lo
#17 48.10 CC iso3307.lo
#17 50.79 CC radix.lo
#17 51.84 CC rfc1123.lo
#17 55.05 CXX Splay.lo
#17 57.10 CC stub_memaccount.lo
#17 58.38 CC util.lo
#17 59.06 CC xusleep.lo
#17 61.38 CCLD libmiscencoding.la
#17 61.49 CXXLD libmisccontainers.la
#17 62.64 CXXLD libmiscutil.la
#17 64.16 make[2]: Leaving directory '/tmp/build/lib'
#17 64.17 make[1]: Leaving directory '/tmp/build/lib'
#17 64.17 Making all in libltdl
#17 64.24 make[1]: Entering directory '/tmp/build/libltdl'
#17 64.29 GEN libltdl/lt__argz.h
#17 64.32 make all-am
#17 64.39 make[2]: Entering directory '/tmp/build/libltdl'
#17 64.47 CC libltdlc_la-lt__alloc.lo
#17 64.48 Error while loading /usr/local/sbin/mkdir: No such file or directory
#17 64.48 make[2]: *** [Makefile:624: loaders/.deps/.dirstamp] Error 1
#17 64.48 make[2]: *** Waiting for unfinished jobs....
#17 66.17 make[2]: Leaving directory '/tmp/build/libltdl'
#17 66.17 make[1]: *** [Makefile:522: all] Error 2
#17 66.17 make[1]: Leaving directory '/tmp/build/libltdl'
#17 66.18 make: *** [Makefile:588: all-recursive] Error 1
`
please help, thx.

My squid is suddenly reporting an error and is not functioning properly. How can I address this?
It seems related to my use of radius, but I haven't made any recent changes to the settings.

2023/10/10 03:40:10 kid1| DNS IPv4 socket created at 0.0.0.0, FD 8
2023/10/10 03:40:10 kid1| Adding nameserver 127.0.0.11 from /etc/resolv.conf
2023/10/10 03:40:10 kid1| Adding ndots 1 from /etc/resolv.conf
2023/10/10 03:40:10 kid1| helperOpenServers: Starting 0/5 'basic_radius_auth' processes
2023/10/10 03:40:10 kid1| helperOpenServers: No 'basic_radius_auth' processes needed.
2023/10/10 03:40:10 kid1| Logfile: opening log daemon:/var/log/squid/access.log
2023/10/10 03:40:10 kid1| Logfile Daemon: opening log /var/log/squid/access.log
2023/10/10 03:40:10 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2023/10/10 03:40:10 kid1| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2023/10/10 03:40:10 kid1| Store logging disabled
2023/10/10 03:40:10 kid1| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2023/10/10 03:40:10 kid1| Target number of buckets: 1008
2023/10/10 03:40:10 kid1| Using 8192 Store buckets
2023/10/10 03:40:10 kid1| Max Mem  size: 262144 KB
2023/10/10 03:40:10 kid1| Max Swap size: 0 KB
2023/10/10 03:40:10 kid1| Using Least Load store dir selection
2023/10/10 03:40:10 kid1| Set Current Directory to /var/spool/squid
2023/10/10 03:40:10 kid1| Finished loading MIME types and icons.
2023/10/10 03:40:10 kid1| HTCP Disabled.
2023/10/10 03:40:10 kid1| Adaptation support is off.
2023/10/10 03:40:10 kid1| Accepting HTTPS Socket connections at conn2 local=0.0.0.0:3128 remote=[::] FD 11 flags=9
    listening port: 3128
2023/10/10 03:40:11 kid1| storeLateRelease: released 0 objects
2023/10/10 03:42:25 kid1| Starting new basicauthenticator helpers...
    current master transaction: master85
2023/10/10 03:42:25 kid1| helperOpenServers: Starting 1/5 'basic_radius_auth' processes
    current master transaction: master85
2023/10/10 03:42:25 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
    current master transaction: master85

I intend to use Cacti to monitor the status of Squid via SNMP. However, it seems that SNMP is not enabled by default in Squid. Can you provide instructions on how to enable SNMP?

Hi,

Thanks for this project - I was just wondering why the latest tag is only built for amd64 - I'm trying to run this on a RPI swarm and it's failing as it's not built for ARM

I tried pulling the armhf tag which works, however it hasn't been updated for 2 years so the Squid/Alpine versions are out of date.

Thanks!

I've been testing out the v6 version and noticed that it lacks 'basic_radius_auth'. Could you possibly add radius authentication? Thank you very much!

How to use it on arm64 architecture?