• Squid reverse proxy on 2.3

    4
    0 Votes
    4 Posts
    2k Views
    B
    The issues I've had only relate to multiple WAN IPs.  Everything has worked without major issue on the reverse proxy.  If you are still having issues, please post your config and I'll see if anything jumps out as troublesome.
  • Squid on Multi WAN setup ?

    6
    0 Votes
    6 Posts
    2k Views
    ?
    Just realized that the Service was not started. When I try to start it I got the following May 15 10:12:07 squid ERROR: Invalid ACL: acl password proxy_auth REQUIRED May 15 10:12:07 Squid_Alarm 56347 Attempting restart... May 15 10:12:07 Squid_Alarm 55879 Squid has exited. Reconfiguring filter. May 15 10:12:04 xinetd 21386 Reconfigured: new=0 old=1 dropped=0 (services) May 15 10:12:04 xinetd 21386 readjusting service 6969-udp May 15 10:12:04 xinetd 21386 Swapping defaults May 15 10:12:04 xinetd 21386 Starting reconfiguration May 15 10:12:03 check_reload_status Reloading filter May 15 10:12:02 php-fpm 55695 /pkg_edit.php: [squid] Starting a proxy monitor script May 15 10:11:52 php-fpm 55695 /pkg_edit.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was '2016/05/15 10:11:52| Can't use proxy auth because no authentication schemes are fully configured. FATAL: ERROR: Invalid ACL: acl password proxy_auth REQUIRED Squid Cache (Version 3.5.16): Terminated abnormally. CPU Usage: 0.019 seconds = 0.013 user + 0.006 sys Maximum Resident Size: 48096 KB Page faults with physical i/o: 0' May 15 10:11:52 squid ERROR: Invalid ACL: acl password proxy_auth REQUIRED May 15 10:11:51 php-fpm 55695 /pkg_edit.php: [squid] Starting service... Edit: Seems to be a bug ? I did fix this by setting the Authentication to Local and then back to none One last question, is the default Gateway the only way to configure which Gateway the proxy uses ? No Gateway Groups or so ?
  • SOLVED: squidguard blocks site (blacklist) while named in whitelist

    3
    0 Votes
    3 Posts
    2k Views
    S
    More clearance: it was the 'play´  button on the website (hardcore-radio.png) that was blocked by clamav and showed as blocked by squidguard!?
  • Single public IP, 2 Domain reverse proxy

    14
    0 Votes
    14 Posts
    4k Views
    P
    Hi Michael, Yes those are listening on my 'webserver' / testbox.. When writing the guide i was using only 2 machines (1 pfSense & 1 webserver), where i indeed had the webserver listening on multiple ports with a different index.html served on each one just to check if the haproxy side of things was working properly. When using different webservers you could use port 80 or 443 on all of them and make the difference by their ip's. Or you could actually host multiple webapplications on different ports from 1 machine, while serving all of them on the 'outside' on the standard 80 / 443 ports. But a webserver could likely also accomplish that with configuring some virtualhosts.. Anyway i hope this helps understand the screenshots a little better.. Sorry for the confusion. Latest 'doc' is currently available here (im still using those non standard ports there though ;) ): https://github.com/PiBa-NL/pfsense-haproxy-package-doc/wiki Regards, PiBa-NL
  • Squid went slow and the admin interface becomes unresponsive

    4
    0 Votes
    4 Posts
    1k Views
    T
    My cache file system is null and any memory cache should have been flushed when I rebooted right? This is a nanobsd-installation (running from a CF card). I did however command a "flush" just to make sure.
  • Avoid caching all subdomains from a domain

    1
    0 Votes
    1 Posts
    563 Views
    No one has replied
  • Squid slowing down file transfer between local machines

    7
    0 Votes
    7 Posts
    1k Views
    C
    I agree totally with you… But the issue only happens when the squid is enable... Probably it is misconfigurating... How can I start tracing the problem? [image: Screenshot_20160513-053306.png] [image: Screenshot_20160513-053306.png_thumb] [image: Screenshot_20160513-053630.png] [image: Screenshot_20160513-053630.png_thumb] [image: Screenshot_20160513-053333.png] [image: Screenshot_20160513-053333.png_thumb]
  • 0 Votes
    1 Posts
    667 Views
    No one has replied
  • Can Haproxy and Squid co-exist?

    5
    0 Votes
    5 Posts
    1k Views
    jimpJ
    Ah, well neither of them start/run until you enable them, so if you get them set how you want and then turn them on, you're fine.
  • Weird ClamAV problem after 2.2.6 to 2.3 upgrade

    1
    0 Votes
    1 Posts
    703 Views
    No one has replied
  • SquidGuard url_rewrite issue with Squid 3.5

    6
    0 Votes
    6 Posts
    4k Views
    A
    Do you have the "Use SafeSearch Engine" box check under Common ACL of Squidguard that has not worked for quite a while, before 2.3 I used DNS Resolver and created a Host Overrides Host      Domain        IP www     google.com 216.239.38.120 However this stoped working in 2.3
  • Certificate error ONLY blocked sites

    1
    0 Votes
    1 Posts
    648 Views
    No one has replied
  • PFSENSE Proxy Server provides false certificates for blocked https pages

    9
    0 Votes
    9 Posts
    3k Views
    M
    Hi i  have same problem? Do you have solution? tks!
  • Forcing Youtube Safe Search

    2
    0 Votes
    2 Posts
    1k Views
    S
    It is not possible to rewrite the Cookie header in Squid guard. You need to have the content scanning/modification engine. Typically ICAP protocol is used for this purpose like in http://docs.diladele.com/tutorials/filtering_https_traffic_squid_pfsense/index.html
  • ClamAV -> Squid HTTPS/SSL Traffic ?

    4
    0 Votes
    4 Posts
    2k Views
    A
    As I understand it, yes. But again I am no expert. This is actually the next thing I am delving into myself…
  • [Solved] Can't get ACL to match on Haproxy

    6
    0 Votes
    6 Posts
    2k Views
    T
    @PiBa: On pfSense 2.2 it is NOT fixed, the pullrequest is still pending.. https://github.com/pfsense/pfsense-packages/pull/1236 On pfSense 2.3 it is fixed: https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc#L62 Perfect, I'm on 2.3 :) Thanks a bunch.
  • SquidGuard Crash each time I update blacklist

    8
    0 Votes
    8 Posts
    2k Views
    B
    Thanks Guys for the help working fine now after update no errors. :) :)
  • HAProxy editing issue

    5
    0 Votes
    5 Posts
    1k Views
    C
    Merged, thanks!
  • Squid reverse proxy and 2.3 WebGUI

    1
    0 Votes
    1 Posts
    940 Views
    No one has replied
  • 0 Votes
    3 Posts
    1k Views
    S
    Hello Jimp, Sorry for the late reply. Actually I upgraded and its not a NanoBSD. I didn't set the RAM disk option. Any how I upgraded another 64 bit server and had the same issue. I add proxy authentication and it started to work. Now users have to enter proxy authentication in heire web browsers.  Is there a solution.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.