🦑 Testing the Squid config file for syntax errors

I have installed Squid proxy on Ubuntu.

How can I make sure there are no syntax errors in my squid.conf file and check that config file for errors?

Wherever you install or upgrade your Squid proxy, you must ensure that your squid.conf file is free of errors.

It’s a simple task.

To check the squid.conf file for syntax errors and warnings, enter the following commands.

Checking the Squid proxy configuration file for errors

Open a terminal window and enter the following command to log into your Linux and Unix server remotely using the ssh command:

$ ssh [email protected]

Now run the following command as root:
# squid -k parse
## или используя полный путь ##
$ sudo /usr/sbin/squid3 -k parse
## Отфильтруем ошибки с grep / egrep ##
# squid -k parse | grep 'error'
# squid -k parse | egrep 'foo|bar'

Session example:

2020/08/08 08:16:42| Startup: Initializing Authentication Schemes ...
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'basic'
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'digest'
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'negotiate'
2020/08/08 08:16:42| Startup: Initialized Authentication Scheme 'ntlm'
2020/08/08 08:16:42| Startup: Initialized Authentication.
2020/08/08 08:16:42| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2020/08/08 08:16:42| Processing: acl mylan src 10.8.0.0/24
2020/08/08 08:16:42| Processing: acl mylan src 172.16.0.0/24
2020/08/08 08:16:42| Processing: acl SSL_ports port 443
2020/08/08 08:16:42| Processing: acl Safe_ports port 80          # http
2020/08/08 08:16:42| Processing: acl Safe_ports port 21          # ftp
2020/08/08 08:16:42| Processing: acl Safe_ports port 443         # https
2020/08/08 08:16:42| Processing: acl Safe_ports port 70          # gopher
2020/08/08 08:16:42| Processing: acl Safe_ports port 210         # wais
2020/08/08 08:16:42| Processing: acl Safe_ports port 1025-65535  # unregistered ports
2020/08/08 08:16:42| Processing: acl Safe_ports port 280         # http-mgmt
2020/08/08 08:16:42| Processing: acl Safe_ports port 488         # gss-http
2020/08/08 08:16:42| Processing: acl Safe_ports port 591         # filemaker
2020/08/08 08:16:42| Processing: acl Safe_ports port 777         # multiling http
2020/08/08 08:16:42| Processing: acl CONNECT method CONNECT
2020/08/08 08:16:42| Processing: http_access deny !Safe_ports
2020/08/08 08:16:42| Processing: http_access deny CONNECT !SSL_ports
2020/08/08 08:16:42| Processing: http_access allow localhost manager
2020/08/08 08:16:42| Processing: http_access deny manager
2020/08/08 08:16:42| Processing: http_access allow localhost
2020/08/08 08:16:42| Processing: http_access allow mylan
2020/08/08 08:16:42| Processing: http_access deny all
2020/08/08 08:16:42| Processing: http_port 10.8.0.1:3128
2020/08/08 08:16:42| Processing: dns_v4_first on
2020/08/08 08:16:42| Processing: tcp_outgoing_address 13.xxx.yyy.zzz
2020/08/08 08:16:42| Processing: cache_mem 256 MB
2020/08/08 08:16:42| Processing: cache_dir diskd /var/spool/squid 1024 16 256 Q1=72 Q2=64
2020/08/08 08:16:42| Processing: access_log daemon:/var/log/squid/access.log squid
2020/08/08 08:16:42| Processing: coredump_dir /var/spool/squid
2020/08/08 08:16:42| Processing: refresh_pattern ^ftp:           1440    20%     10080
2020/08/08 08:16:42| Processing: refresh_pattern ^gopher:        1440    0%      1440
2020/08/08 08:16:42| Processing: refresh_pattern -i (/cgi-bin/|?) 0     0%      0
2020/08/08 08:16:42| Processing: refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
2020/08/08 08:16:42| Processing: refresh_pattern .               0       20%     4320
2020/08/08 08:16:42| Processing: forwarded_for delete
2020/08/08 08:16:42| Processing: via off
2020/08/08 08:16:42| Processing: forwarded_for off
2020/08/08 08:16:42| Processing: follow_x_forwarded_for deny all
2020/08/08 08:16:42| Processing: request_header_access X-Forwarded-For deny all
2020/08/08 08:16:42| Processing: forwarded_for delete
2020/08/08 08:16:42| Processing: dns_nameservers 10.8.0.1
2020/08/08 08:16:42| WARNING: HTTP requires the use of Via
2020/08/08 08:16:42| Initializing https:// proxy context

Sample error message when checking the Squid configuration file for syntax errors

# squid -k parse

Output:

2020/08/08 08:21:07| Processing: viaproxy off
2020/08/08 08:21:07| /etc/squid/squid.conf:40 unrecognized: 'viaproxy'

Edit the config file and fix this error:

# vim +40 /etc/squid/squid.conf

Find this error:

viaproxy off

Change to:

via off

Save and close the file. Now check again:

# squid -k parse

We can now restart our squid proxy without restarting the squid daemon as follows:

# squid -k reconfigure

How to check the syntax of a squid config file

It’s always a good idea to run the squid -k parse and squid -k debug commands to check for configuration syntax errors whenever you change the proxy configuration.

Note that Squid will refuse to start if it encounters an error.

If an error exists, Squid will not work until the system administrator corrects the syntax errors.

Other useful Squid proxy options

Syntax:

# squid -k command

or

$ sudo squid -k command

Where command can be any of the following:

  • reconfigure: Sends a HUP signal to Squid to reread its configuration files.
  • rotate: rotate log files.
  • shutdown: Sends a TERM signal to Squid to briefly wait for current connections to complete and then shutdown the server. The timeout is specified by the shutdown_lifetime parameters in the squid.conf file.
  • restart: restart the server
  • interrupt: Sends an INT signal to the Squid server. It disconnects immediately without waiting for current connections.
  • kill: kill the proxy by sending a KILL signal.
  • debug: Run squid in full debug mode.
  • check: Sends a “ZERO” signal to the Squid server. The command just checks if the server / process is actually running on your Linux / Unix / BSD.
  • parse: Parses the squid.conf file for syntax errors.

Conclusion

You learned how to parse the Squid proxy configuration file, then send a signal to the running copy and exit the CLI.

This is useful for checking syntax errors in squid.conf and other files.

Sidebar