@rootvallum Nope, the response i got is Apache-Coyote/1.1

Anyone here ?

By putting check-ssl keyword in the config.
https://github.com/pfsense/FreeBSD-ports/blob/ae27b1718e27a0655adf27b99fc1df6c90f1c524/net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc#L1120

Anyhow that line will be gone soon..

If you are using ldap port, you can try to create a load balance on pfsense for port 389 and point you config to it.

@marcelloc said in XMLRPC Sync Squid:

@rootvallum said in XMLRPC Sync Squid:

@marcelloc
Hi marcello can you give suggestion please :)

You will need to code a bit to get it working. Take a look on sync replication code under squid.inc. You will see all the "tabs" it includes before pushing to backup server.
If you comment tabs you do not want to sync, you can forward your configuration to other boxes.

$xml = array(); $xml['squid'] = $config['installedpackages']['squid']; $xml['squidupstream'] = $config['installedpackages']['squidupstream']; $xml['squidcache'] = $config['installedpackages']['squidcache']; $xml['squidantivirus'] = $config['installedpackages']['squidantivirus']; $xml['squidnac'] = $config['installedpackages']['squidnac']; $xml['squidtraffic'] = $config['installedpackages']['squidtraffic']; $xml['squidreversegeneral'] = $config['installedpackages']['squidreversegeneral']; $xml['squidreversepeer'] = $config['installedpackages']['squidreversepeer']; $xml['squidreverseuri'] = $config['installedpackages']['squidreverseuri']; $xml['squidauth'] = $config['installedpackages']['squidauth']; $xml['squidusers'] = $config['installedpackages']['squidusers']; /* Assemble XMLRPC payload */ $params = array(XML_RPC_encode($password), XML_RPC_encode($xml));

Remember to disable replication on squid before any package update/upgrade.

Thanks for your Guidance marcello .
I'll try this :)

nope, does not seem to work. Best way I've been able to get to work is by forwarding the nginx logs like I described above. Would prefer not to do it this way since tons of messages get sent when you are in the pfSense mgmt interface for a device. I'll keep trying to figure out how to just get the block.log.

Yep, that was it, needed to do the action. Thanks for the help!

frontend rancher bind 10.168.12.20:443 name 10.168.12.20:443 ssl crt /var/etc/haproxy/rancher.pem mode http log global option http-keep-alive option forwardfor acl https ssl_fc http-request set-header X-Forwarded-Proto http if !https http-request set-header X-Forwarded-Proto https if https timeout client 30000 acl aclcrt_longhorn hdr_reg(host) -i ^longhorn\.home\.swth(:([0-9]){1,5})?$ acl aclcrt_rancher hdr_reg(host) -i ^rancher\.home\.swth(:([0-9]){1,5})?$ use_backend rancher_http_ipvANY if aclcrt_longhorn or aclcrt_rancher aclcrt_rancher

@lemonparty1 said in Squid needs a cache hit rate graph somewhere. Anywhere:

@manojsemwal wow that is quite pretty! 😍
What visualization tool are you using?

Hi We are using Graylog + elasticseach.
we collect data from dozens of squid proxy servers + firewalls + wap + switches + windows servers + Linux servers.

@gertjan Thank you for your reply.. i will study further to get the ans ...

You have to use MITM for it to work or you can use this method, which also works perfectly fine.

https://forum.netgate.com/topic/100342/guide-to-filtering-web-content-http-and-https-with-pfsense-2-3

Mostly because nobody is actively developing on that package. We've nudged it here and there (like the cache option) but it's been mostly unchanged for years.

If someone wants to take that on, code it up and submit a PR.

After reading related articles and trying to uninstall..reinstall the package. There was still no joy in getting the package to run. The problems started on 06/01/18 after an update. I tried to delete the /usr/local/etc/squid dir and that didn't work either.

What did work, was to recover the system to a date before the update. The packages were reloaded and ta-da the squid cache came back to life. Should of tried the easy button first.

Looking back on what I read, there was mention of the CA certificate having a problem and needed to be rebuilt. According to my effective dates it was good for several more years. So, I have no clue as to what went south.

Really gives reason to backup often and certainly before any upgrade.

You will not get anything to work properly when running a version that outdated.

Remove all packages. Backup config.xml. Reinstall with 2.4.3. Restore configuration. Reinstall packages.

If your hardware is i386 and won't take 2.4.3, at least install 2.3.5.