proxy.cgi: Fix for Bug #12826 'squid >=5 crashes on literal IPv6 addresses'

author Matthias Fischer <matthias.fischer@ipfire.org>

Fri, 30 Sep 2022 19:05:56 +0000 (21:05 +0200)

committer Peter Müller <peter.mueller@ipfire.org>

Sun, 2 Oct 2022 08:50:39 +0000 (08:50 +0000)
author Matthias Fischer <matthias.fischer@ipfire.org>
Fri, 30 Sep 2022 19:05:56 +0000 (21:05 +0200)
committer Peter Müller <peter.mueller@ipfire.org>
Sun, 2 Oct 2022 08:50:39 +0000 (08:50 +0000)
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi

index 577d37b93dae68d188e124e1d00048f411be60e1..b4073343e04ead74bb330a946215c6312d33bc76 100644 (file)
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -3525,9 +3525,19 @@ END
                         $_ =~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/;
                         print FILE $_;
                 }
-               print FILE "\n#End of custom includes\n";
+               print FILE "\n#End of custom includes\n\n";
                 close (ACL);
         }
+
+               print FILE <<END
+# Prevent ipv6 requests to avoid crash in squid > 5.x
+acl to_ipv6 dst ipv6
+acl from_ipv6 src ipv6
+http_access deny to_ipv6
+http_access deny from_ipv6
+END
+       ;
+
         if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxysettings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny for_extended_users\n"; }
  
         # Check if squidclamav is enabled.
author	Matthias Fischer <matthias.fischer@ipfire.org>
	Fri, 30 Sep 2022 19:05:56 +0000 (21:05 +0200)
committer	Peter Müller <peter.mueller@ipfire.org>
	Sun, 2 Oct 2022 08:50:39 +0000 (08:50 +0000)