• 0 Votes
    2 Posts
    56 Views
    S

    I have the same issue after upgrading from 2.7.2 to 2.8.0.
    When trying to start squid the below message is shown in syslog:

    php-fpm[71339]: /pkg_edit.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'ld-elf.so.1: /usr/local/sbin/squid: Undefined symbol "_ZTVNSt3__117bad_function_callE"'

  • Sqstat Issue

    Moved
    17
    0 Votes
    17 Posts
    2k Views
    N

    @anemacuore 2.8.0 is work (update)

  • HAProxy Seems to Forward to wrong Backend Port

    8
    0 Votes
    8 Posts
    2k Views
    P

    Hi, a few weeks ago the same problem, HAProxy was working fine about 3 years ago.

    I try pfsense version 2.6, 2.7, 2.8beta and now 2.8. Haproxy and haproxy-devel. no success.

    Its like a cache, when request the first acl rule, the next use the same rule.

  • 1 Votes
    9 Posts
    600 Views
    JonathanLeeJ

    @tinfoilmatt Here you go

    https://forum.netgate.com/topic/195860/mnt-folder-question

    To quote: @stephenw10

    "Jan 6, 2025 at 5:43 AM I would still use a custom location to be sure. I can't find anything off hand but if would conflict with anything that did.

    I'm pretty sure the efi partition is mounted there to test at upgrade for example."

  • Squid error

    1
    0 Votes
    1 Posts
    51 Views
    No one has replied
  • Squid error "FATAL: Unknown http_port option 'NO_TLSv1"

    13
    0 Votes
    13 Posts
    1k Views
    B

    @aniodon

    Apologies for the necro posting.

    How would you apply such a patch ?

    https://github.com/pfsense/FreeBSD-ports/commit/476a7d0e3dca704b236839970f1d215912184f73

    I've created a system patch via pfsense GUI with the commit mentioned in this thread, however, it does not apply to my squid config,

    It seems that it is not recognizing the file to update (?)
    Here's what I'm getting in the debug log (not having changed default patch settings):

    /usr/bin/patch --directory='/' -t --strip '2' -i '/var/patches/682f24bdbc39f.patch' --check --forward --ignore-whitespace Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |From 476a7d0e3dca704b236839970f1d215912184f73 Mon Sep 17 00:00:00 2001 |From: Marcos Mendoza <mmendoza@netgate.com> |Date: Tue, 26 Nov 2024 18:36:53 -0600 |Subject: [PATCH] www/pfSense-pkg-squid: remove duplicate option | |--- | www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc | 1 - | 1 file changed, 1 deletion(-) | |diff --git a/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc b/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc |index 719cda2fb3cf..129b8b05335c 100644 |--- a/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc |+++ b/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc -------------------------- No file to patch. Skipping... Hunk #1 ignored at 1236. 1 out of 1 hunks ignored while patching pfSense-pkg-squid/files/usr/local/pkg/squid.inc done
  • HAProxy with basic auth 500 Internal Server Error

    1
    0 Votes
    1 Posts
    45 Views
    No one has replied
  • [SOLVED] PHP ERROR: Type: 1, File: /usr/local/pkg/haproxy/haproxy.inc

    3
    0 Votes
    3 Posts
    220 Views
    Sergei_ShablovskyS

    Got damn, there are one unused backend in HAproxy package configuration! How I miss it?…

    After delete AND cold pfSense-based server restart - error not appear at all.

  • haproxy 0.63_2 weird behavior, edits not working

    3
    0 Votes
    3 Posts
    119 Views
    I

    @TheCyborgWeasel said in haproxy 0.63_2 weird behavior, edits not working:

    Yes, I can confirm that, at least partially. I simply had to enable SSL on the backend and thought the connection was secured. The SSL server was not available so I should have seen a 503. But haProxy did continue to gain access to the webserver which means that the settings were not applied correctly. Also a restart of the service did not help. Only a restart of the whole pfSense worked and applied the new SSL setting. I got a 503 then.

    Strange: The other way around worked directly. Disabling SSL and hitting the apply button showed immediately the old website again, no need to restart the haProxy service or even the whole pfSense. So it is partially buggy :-)

    This is reproducable!

    Is this enough to open a case?

    Thank you for confirming that there is a bug in haproxy.

  • HAProxy Path in Backend

    2
    0 Votes
    2 Posts
    87 Views
    T

    Did'nt you forget the ACL? The action will never be triggered...?!

  • Squid Status GUI tab not working pfsense plus v 24

    5
    0 Votes
    5 Posts
    269 Views
    B

    Bumping this as I am experiencing the exact same issue with the exact same behavior. I have even tried putting a transparent bypass for 127.0.0.1 as the source and destination, the hostname of the firewall, and the firewall's own public address as a source with no success.

  • Can't protect certain path only with client certificate

    2
    0 Votes
    2 Posts
    135 Views
    V

    @sensewolf said in Can't protect certain path only with client certificate:

    -- The expected outcome is that in order to access the specific path, a client certificate is required. Surprisingly, however, the path becomes publicly accessible again without the client certificate --

    I don't understand why this doesn't work. The setup is basically the same as for my other accessible and protected domains with the only difference that in this case only a certain path should be protected.

    Did you put this rule to the top, so that it is probed and executed before the other one?

    For testing the ACLs just use a simple rule, which give a clear result like "http request deny".

    Why isn't this working? What am I missing?

    Maybe someone will see it if you post the whole configuration.

  • HAProxy: Possible MIME type issue with NextCloud

    4
    0 Votes
    4 Posts
    140 Views
    J

    Hi there,

    Thanks for the detailed explanation—this is a good catch. Your suspicion is right: this issue isn’t caused by pfSense or HAProxy, but by the web server behind Nextcloud (likely Apache or Nginx) not serving .mjs files with the correct MIME type.

    HAProxy simply acts as a reverse proxy and does not handle or modify MIME types. It forwards the request to your backend server (10.0.24.10:3334 in this case), which is responsible for serving static content like .mjs files. To fix it:

    For Nginx, modify mime.types to include: application/javascript js mjs; For Apache, add: AddType application/javascript .mjs

    Once this change is in place, the viewer and other JS modules should load properly through HAProxy.

    As a side note, if you're ever doing advanced tasks like proxy rotation for web scraping or external API access, that’s something HAProxy can help with—but it doesn’t apply here.

    Let me know if you'd like help locating your web server config!

  • HAProxy Websockets - Frigate

    11
    0 Votes
    11 Posts
    764 Views
    R

    @sensewolf All of the applications I have that run websockets use the same port, so I do not create separate backends for them and it works fine. If your application does use separate ports then you will need to create a separate backend. I'm not sure how common this is, but I have I think 5 domains with websockets and none of them use a separate port.

  • phpMyAdmin behind HAProxy

    1
    0 Votes
    1 Posts
    67 Views
    No one has replied
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    14 Views
    No one has replied
  • HAProxy & Cloudflare - 526 Invalid SSL

    2
    0 Votes
    2 Posts
    216 Views
    L

    Did you manage to get it working as I am doing the same thing but have noticed Cloudflare Proxied traffic seems to really be slow......not sure if there is something in Cloudflare that needs tweaking but it is pretty much unusable

  • Nextcloud und SSL über pfSense Configurieren

    9
    0 Votes
    9 Posts
    257 Views
    M

    @viragomann said in Nextcloud und SSL über pfSense Configurieren:

    https://<WAN IP>

    Sooo Fehler gefunden, es waren die IPv6 Einträge, gelöscht und es funktioniert!

    Über DSL von Zuhause konnten alle anfragen Aufgelöst werden, über bein Test gerät welches über Mobiele Daten ging nicht... da dieses vermutlich IPv6 genutzt hatte.

    Besten Danke für die unterstützung

  • Squid package can utilize hardware based cryptographic acceleration

    4
    1 Votes
    4 Posts
    198 Views
    JonathanLeeJ

    @ngr2001 I don’t know try the directive to see it if works, I do not have that crypto chip

  • SQUID TO ONLY SEE DOMAINS WITHOUT DECRYPTING CONTENT

    6
    0 Votes
    6 Posts
    329 Views
    JonathanLeeJ

    @tiago-duarte squid + pfSense plus

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.