From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH] Revert "proxy.cgi: Fix for Bug #12826 'squid >=5 crashes on literal IPv6 addresses'" Date: Mon, 08 Jan 2024 16:42:48 +0000 Message-ID: <20240108164248.3794991-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7564182265447252186==" List-Id: --===============7564182265447252186== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This reverts commit e0be9eab47d621545e5498c32c0fef39f7ef84a9. This change is now producing problems on IPv6-enabled systems as it will deny access to any website that is IPv6-enabled as well, even if the client connected using IPv4. I have tested if squid is now running on fine on systems where IPv6 is disabled and can confirm that its running just fine. Signed-off-by: Michael Tremer --- html/cgi-bin/proxy.cgi | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 71be315f6..c8e3576df 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -3525,19 +3525,9 @@ END $_ =3D~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/; print FILE $_; } - print FILE "\n#End of custom includes\n\n"; + print FILE "\n#End of custom includes\n"; close (ACL); } - - print FILE < 5.x -acl to_ipv6 dst ipv6 -acl from_ipv6 src ipv6 -http_access deny to_ipv6 -http_access deny from_ipv6 -END - ; - if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxyse= ttings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny = for_extended_users\n"; } =20 # Check if squidclamav is enabled. --=20 2.39.2 --===============7564182265447252186==--