diagnostics -> service will show you if squid is running or not.

Do not try to stop or start squid from services page, there is a bug on it that will always stop it.

To start squid, just save config on it's config page.

Sep 26 18:05:02 apinger: /usr/local/bin/rrdtool respawning too fast, waiting 300s.
Sep 26 18:04:02 apinger: Error while feeding rrdtool: Broken pipe

if already did what Marcelloc told, and you configured all things, click on refresh full and them ctrl+f5 on report tab.

@marcelloc:
i PM you, this is OT…

Sorry, I've missed the "not"…

Can you tcpdump some packages to check if pfsense is sending packages to your ldap?

These days a saw a dns problem that was slowing down ldap communication..

It could also be completely unrelated to that, and just how 1.2.3 would randomly sometimes stick an empty <config>tag and prevent settings from saving.

2.0.x upgrade would fix it no matter which of those is to blame.</config>

@DQM:

One more question, Marcello. How about limit size of maillog file and how does it work? Will it split to maillog1, maillog2, …? (/var/log/maillog)

Not on current version.
LinuxTracker did a how to for logrotate, maybe it's userfull for you.
http://forum.pfsense.org/index.php/topic,51412.msg287633.html#msg287633

@DQM:

Can I push the log of PF to syslog server?

Yes, you need just to change log settings on package gui.

without maillog, you will not have database search too.

@NiallCon:

Couldn't get sarg to work so this will do in the interim.

why not?  ???

Thanks for the reply

When I installed the package, restart it turns out the error:

…. "Proxy Server with mod_security" ... fetch: /usr/local/apachemodsecurity/rules/rules/default.conf: open (): No such file or directory

I edited the file /usr/local/pkg/apache_mod_security.inc at line 114 and the error is no longer out

When the server restarts, in the start of the module "Proxy Server with mod_security" returns the error
(48) Address already in use: make_sock: could not bind to address 127.0.0.1:80
no listening sockets available, shutting down
This error comes out even if it is defined an ip different from 127.0.0.1
If the service is restarted manually from the dashboard service starts properly.

I followed the instructions to add the two files accf_data.ko and accf_http.ko that I took from the site pfsense.org, I modified the loader.conf file by adding the line accf_http_load = "YES"

When I set some parameters of the "mod_security + Apache + Proxy: Settings" in httpd-error.log comes out the following error:

[Mon Sep 24 16:37:50 2012] [notice] Graceful restart requested, doing restart
[Mon Sep 24 16:37:50 2012] [warn] (22) Invalid argument: Failed to enable the 'httpready' Accept Filter
[Mon Sep 24 16:37:50 2012] [warn] (22) Invalid argument: Failed to enable the 'httpready' Accept Filter
[Mon Sep 24 16:37:50 2012] [notice] Digest: generating secret for digest authentication …
[Mon Sep 24 16:37:50 2012] [notice] Digest: done
[Mon Sep 24 16:37:51 2012] [notice] Apache/2.2.22 (FreeBSD) mod_ssl/2.2.22 OpenSSL/0.9.8n configured - resuming normal operations

The filter mod_security still does not filter, but I can get access to the site in DMZ
That mod_security is not in the path, if I do not set the "mod_security + Apache + Proxy: Proxies Site" the site is not accessible

After you try to start Snort and it won't start, go to Status->System logs and check the messages. The reason why Snort won't start is probably there.

Hi LinuxTracker,

I have followed up your steps to configure the logrotate for PF. I'd like to show you in deatails as below. Pls help to re-check and confirm if it is correct.

Step1: run command to install the logrotate
pkg_add -r http://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-8.2-release/sysutils/logrotate-3.7.9.tbz ( I'm using 2.0.1 RELEASE (amd64) built on Mon Dec 12 18:16:13 EST 2011 FreeBSD 8.1-RELEASE-p6)

Setp2: Create Archives folder at /archives to store the archiving log. I have also created folder logrotate.d at /usr/local/etc/logrotate.d ( I don't know its function. Could you explain?)

Step3: Create file /etc/logrotate.conf with content below:

location of archived log files

olddir /archives

/var/log/maillog {
       # rotate logs daily (at midnight via cron)
       daily

# don't complain if log is missing
       missingok

# keep a month's worth of logfiles
       rotate 30

# compress all but yesterday's logs with gzip
       compress
       delaycompress

# in case log file in use by process, truncates log file then copies it
       copytruncate

# create new empty log file w/ same permissions as old log file (unsure if needed)
       create 644 root wheel

# date appended onto archived log names
       dateext

# beats me - this was already here
       sharedscripts

# restart postifx
       postrotate
         /etc/init.d/postfix reload > /dev/null 2>&1 || true

endscript
     }

system-specific logs may be configured here

Step4: I have tried to run the command /usr/local/sbin/logrotate -f -s /archives/logrotate.status /etc/logrotate.conf on shell console and it seems to work well.

I have also installed Cron package and created a cron job. I want this job will run at 12:00 AM daily. But I still didn't clear the time (minute, hour, mday, …) of cron job. Below is my cron job configuration:

minute: 0
hour: 24
mday: *
month: *
wday: *
who: root
command: /usr/local/sbin/logrotate -f -s /archives/logrotate.status /etc/logrotate.conf

Is it correct? (daily run at midnight)

P/S: I'm not a linux/*nix professional  >:(
Thank you,
DQM

Thanks! I'm hesitant to modify the XML config as there are references to ntop all over the place in the file and I don't want to miss any (or break something else that is expecting to find it). I guess good old "vi" and the command line will work and I can give it my best shot. I was hoping for a cleaner way to do so.

thanks creating the script file took care of it

Sorry I missed the line about windowsupdate.com ;)

Don't know what happens when you use "offline_mode" - never used it.
search squid-cache.org for more information.

@marcelloc:

Test if it works on your 1.2.3 and feedback.

Tested and,

Yes it works, Status: Services now shows Squid is running green and I can finally see Proxy server: General settings page now!

Thanks.

May I know more details about the security issues?

@wdennis:

@jimp:

Has this behavior changed at some point?

Have you tried just clicking "ok" with the blank password?

When importing into windows it also claims it was protected with a password but if you just click Next and keep going it still works.

Tried clicking OK, but just comes back to password prompt…
This is a relatively new system, and am just starting to work with certs on it, so no change in behavior -- it has never worked :)

Thanks

wdennis,

have you been able to solve this problem? I'm having the same issue. Is there a "standard" password ?

Regards

Alexander

Ok, Here I resolved this issue.

I created a rule file in rules folder of the interface and added

in Advanced configuration pass through.  This setup is working even when the rules are auto updated.

take a look on this post:

http://forum.pfsense.org/index.php/topic,53701.msg287417.html#msg287417

anyone out there?