Debuggen von configd?

Started by marcri, June 11, 2019, 12:26:31 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 11, 2019, 12:26:31 PM
Hallo,

ich habe seit ein paar Tagen einen Fehler bei der Generierung der squid.conf. Ich habe mit die config.xml mehrmals komplett durchgelesen, Backups wiederhergestellt und versucht Schritt für Schritt durch die Python-Skripte zu schauen. Ich habe keinerlei Doku über Debug-Möglichkeiten gefunden. Habt ihr Tipps?

Hier der Fehler:
configd.py: [f0e70ff1-4291-4b9d-812d-96375f43fb9e] Inline action failed with OPNsense/Proxy OPNsense/Proxy/squid.conf 'int' object has no attribute 'lstrip' at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 509, in execute return ph_inline_actions.execute(self, inline_act_parameters) File "/usr/local/opnsense/service/modules/ph_inline_actions.py", line 51, in execute filenames = tmpl.generate(parameters) File "/usr/local/opnsense/service/modules/template.py", line 338, in generate raise render_exception Exception: OPNsense/Proxy OPNsense/Proxy/squid.conf 'int' object has no attribute 'lstrip'


Und hier der config.xml-Teil:
Code Select
    <proxy version="1.0.3">
      <general>
        <enabled>1</enabled>
        <icpPort/>
        <logging>
          <enable>
            <accessLog>1</accessLog>
            <storeLog>0</storeLog>
          </enable>
          <ignoreLogACL/>
          <target/>
        </logging>
        <alternateDNSservers>192.168.100.1,192.168.200.254</alternateDNSservers>
        <dnsV4First>1</dnsV4First>
        <forwardedForHandling>off</forwardedForHandling>
        <uriWhitespaceHandling>strip</uriWhitespaceHandling>
        <useViaHeader>1</useViaHeader>
        <suppressVersion>1</suppressVersion>
        <VisibleEmail>xxx@yyy.de</VisibleEmail>
        <VisibleHostname>opn.intra.xxx</VisibleHostname>
        <cache>
          <local>
            <enabled>1</enabled>
            <directory>/var/squid/cache</directory>
            <cache_mem>6144</cache_mem>
            <maximum_object_size>10</maximum_object_size>
            <size>4096</size>
            <l1>16</l1>
            <l2>256</l2>
            <cache_linux_packages>1</cache_linux_packages>
            <cache_windows_updates>0</cache_windows_updates>
          </local>
        </cache>
        <traffic>
          <enabled>0</enabled>
          <maxDownloadSize>2048</maxDownloadSize>
          <maxUploadSize>1024</maxUploadSize>
          <OverallBandwidthTrotteling>1024</OverallBandwidthTrotteling>
          <perHostTrotteling>256</perHostTrotteling>
        </traffic>
        <parentproxy>
          <enabled>0</enabled>
          <host/>
          <enableauth>0</enableauth>
          <user>username</user>
          <password>password</password>
          <port/>
          <localdomains/>
          <localips/>
        </parentproxy>
      </general>
      <forward>
        <interfaces>lan,opt1,opt3,opt2,opt4</interfaces>
        <port>8080</port>
        <sslbumpport>8083</sslbumpport>
        <sslbump>1</sslbump>
        <sslurlonly>0</sslurlonly>
        <sslcertificate>5cef89dc61bc8</sslcertificate>
        <sslnobumpsites>.risse-it.de,.stormdesignz5.de</sslnobumpsites>
        <ssl_crtd_storage_max_size>48</ssl_crtd_storage_max_size>
        <sslcrtd_children>10</sslcrtd_children>
        <snmp_enable>1</snmp_enable>
        <snmp_port>3401</snmp_port>
        <snmp_password>public</snmp_password>
        <ftpInterfaces>lan,opt1,opt3,opt2,opt4</ftpInterfaces>
        <ftpPort>2121</ftpPort>
        <ftpTransparentMode>1</ftpTransparentMode>
        <addACLforInterfaceSubnets>1</addACLforInterfaceSubnets>
        <transparentMode>1</transparentMode>
        <acl>
          <allowedSubnets>192.168.0.0/16</allowedSubnets>
          <unrestricted>127.0.0.1</unrestricted>
          <bannedHosts/>
          <whiteList>.paypal.com,.risse-it.de</whiteList>
          <blackList/>
          <browser/>
          <mimeType/>
          <safePorts>80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http,81:http,82:http</safePorts>
          <sslPorts>443:https,8443:https</sslPorts>
          <remoteACLs>
            <blacklists>
              <blacklist uuid="d60cc68f-cae0-4e58-805a-b27feb0f2594">
                <enabled>1</enabled>
                <filename>Crypto</filename>
                <url>ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/cryptojacking.tar.gz</url>
                <username/>
                <password/>
                <filter/>
                <sslNoVerify>0</sslNoVerify>
                <description>Crypto Blackist</description>
              </blacklist>
              <blacklist uuid="e78b82b7-62cb-4ce7-a0cf-65fc8463451d">
                <enabled>1</enabled>
                <filename>Publicite</filename>
                <url>ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/publicite.tar.gz</url>
                <username/>
                <password/>
                <filter/>
                <sslNoVerify>0</sslNoVerify>
                <description>Publicite Blackist</description>
              </blacklist>
              <blacklist uuid="7ad40fae-a844-4852-b58b-248fde605cbc">
                <enabled>1</enabled>
                <filename>Phishing</filename>
                <url>ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/phishing.tar.gz</url>
                <username/>
                <password/>
                <filter/>
                <sslNoVerify>0</sslNoVerify>
                <description>Phishing Blackist</description>
              </blacklist>
              <blacklist uuid="578922c9-4cf7-4c36-8245-8b6602d2b55e">
                <enabled>1</enabled>
                <filename>ads.acl</filename>
                <url>https://www.squidblacklist.org/downloads/squid-ads.acl</url>
                <username/>
                <password/>
                <filter/>
                <sslNoVerify>1</sslNoVerify>
                <description>ads</description>
              </blacklist>
              <blacklist uuid="b9e4a695-87bf-4bf3-a66e-8a1912c196c6">
                <enabled>1</enabled>
                <filename>malicious.acl</filename>
                <url>https://www.squidblacklist.org/downloads/squid-malicious.acl</url>
                <username/>
                <password/>
                <filter/>
                <sslNoVerify>1</sslNoVerify>
                <description>malicious</description>
              </blacklist>
              <blacklist uuid="0071e5d2-b20a-4f83-926a-750d003f7f20">
                <enabled>1</enabled>
                <filename>Shalla.lst</filename>
                <url>http://www.shallalist.de/Downloads/shallalist.tar.gz</url>
                <username/>
                <password/>
                <filter>adv,aggressive,alcohol,costtraps,dynamic,ringtones,spyware,tracker,warez,webphone,webtv</filter>
                <sslNoVerify>0</sslNoVerify>
                <description>shalla</description>
              </blacklist>
              <blacklist uuid="8397c0c7-9e82-4198-82db-8d87ef494bd8">
                <enabled>1</enabled>
                <filename>yoyo</filename>
                <url>http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml</url>
                <username/>
                <password/>
                <filter/>
                <sslNoVerify>1</sslNoVerify>
                <description>yoyo</description>
              </blacklist>
            </blacklists>
            <UpdateCron>6d4ca1ff-5b12-43d7-a070-5d41b1a8d7d9</UpdateCron>
          </remoteACLs>
        </acl>
        <icap>
          <enable>1</enable>
          <RequestURL>icap://[::1]:1344/avscan</RequestURL>
          <ResponseURL>icap://[::1]:1344/avscan</ResponseURL>
          <SendClientIP>1</SendClientIP>
          <SendUsername>0</SendUsername>
          <EncodeUsername>0</EncodeUsername>
          <UsernameHeader>X-Username</UsernameHeader>
          <EnablePreview>1</EnablePreview>
          <PreviewSize>1024</PreviewSize>
          <OptionsTTL>60</OptionsTTL>
          <exclude/>
        </icap>
        <authentication>
          <method/>
          <realm>OPNsense proxy authentication</realm>
          <credentialsttl>2</credentialsttl>
          <children>5</children>
        </authentication>
      </forward>
      <pac/>
    </proxy>
  </OPNsense>

Print
Go Up Pages1
User actions