題 Squid網絡 - 警告子網


執行以下命令:

squid-k parse

我收到以下警告:

WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2014/03/19 16:43:41| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2014/03/19 16:43:41| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2014/03/19 16:43:41| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2014/03/19 16:43:41| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2014/03/19 16:43:41| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2014/03/19 16:43:41| Processing: acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
2014/03/19 16:43:41| WARNING: (B) '127.0.0.0/8' is a subnetwork of (A) '127.0.0.0/8'
2014/03/19 16:43:41| WARNING: because of this '127.0.0.0/8' is ignored to keep splay tree searching predictable
2014/03/19 16:43:41| WARNING: You should probably remove '127.0.0.0/8' from the ACL named 'to_localhost'
2014/03/19 16:43:41| WARNING: (B) '0.0.0.0' is a subnetwork of (A) '0.0.0.0'
2014/03/19 16:43:41| WARNING: because of this '0.0.0.0' is ignored to keep splay tree searching predictable
2014/03/19 16:43:41| WARNING: You should probably remove '0.0.0.0' from the ACL named 'to_localhost'
2014/03/19 16:43:41| WARNING: (B) '0.0.0.0' is a subnetwork of (A) '0.0.0.0'
2014/03/19 16:43:41| WARNING: because of this '0.0.0.0' is ignored to keep splay tree searching predictable
2014/03/19 16:43:41| WARNING: You should probably remove '0.0.0.0' from the ACL named 'to_localhost'

squid代理服務啟動並運行但我不喜歡留下這些警告。

這些是提出問題的ACL:

acl all src all
acl manager1 proto cache_object
acl localhost src 127.0.0.1/32 192.168.1.29/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

謝謝你的進展。


4
2018-03-19 21:37


起源


你這裡的實際問題是什麼?你嘗試過做它的建議嗎? - Ƭᴇcʜιᴇ007


答案:


對此設置並不十分熟悉,但它似乎是ACL的第4行。 0.0.0.0/32包含整個IPv4地址空間。指定127.0.0.0/8是多餘的。嘗試刪除一個,看看警告是否消失。


-1
2018-03-19 22:07



/ 32表示該地址(所有32位),而不是任何位 - 因此不匹配地址。這種特殊情況稱為“未指定的地址”,並被視為“此網絡上的此主機”的源地址 - 在實踐中它大致相當於127.0.0.1。儘管存在實際重複,但這不是問題中錯誤的原因。這里後面的其他答案解釋了實際問題是什麼。 :) - dannysauer


我遲到了一年,但答案是從3.2到3.4的某個時候,localhost,to_localhost和manager acls成為了squid3的內置者。由於您正在squid.conf中重新定義它們但尚未更改有效的網絡子類,因此squid會生成警告錯誤。

除非你真的想重新定義它們,否則解決方案是從squid.conf中的acl定義中刪除localhost,to_localhost和manager的定義。


15
2018-05-02 01:19



它似乎是在3.1到3.2的更新中。 - Zoredache
我的debian7-> 8是3.2 - > 3.4。謝謝尼克。 - isaaclw