23.01 Squid issue
-
@stephenw10 cf/conf/config.xml
<squidguardgeneral> <config> <squidguard_enable>on</squidguard_enable> <ldap_enable></ldap_enable> <ldapbinddn></ldapbinddn> <ldapbindpass></ldapbindpass> <ldapcachetime>0</ldapcachetime> <stripntdomain></stripntdomain> <striprealm></striprealm> <ldapversion>2</ldapversion> <rewrite_children>16</rewrite_children> <rewrite_children_startup>8</rewrite_children_startup> <rewrite_children_idle>4</rewrite_children_idle> <enable_guilog>on</enable_guilog> <enable_log>on</enable_log> <log_rotation>on</log_rotation> <adv_blankimg></adv_blankimg> <blacklist>on</blacklist> <blacklist_proxy></blacklist_proxy> <blacklist_url>http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz</blacklist_url> </config> </squidguardgeneral> <squidguarddefault> <config> <dest>PADRAO !blk_blacklists_child !blk_blacklists_malware all</dest> <notallowingip></notallowingip> <deniedmessage></deniedmessage> <redirect_mode>rmod_int</redirect_mode> <redirect>Erro de acesso na ACL!</redirect> <safesearch>on</safesearch> <rewrite>safesearch</rewrite> <enablelog>on</enablelog> </config> </squidguarddefault> -
@hugoeyng Have you tried this yet?
Ref:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/upgrades.html -
@jonathanlee I did not try this because in my point of view this will not solve the root question that is: th squidGuard installation package has a bug in it.
-
@hugoeyng I understand I just keep thinking that something within your configuration is bonked up. You know how when you reinstall a package all your settings stay, if that config is bonked up it will make it appear that the package is messed up. I just keep thinking back to how my configuration was missing a section and kept doing the same thing until I found out that reverse proxy needed to be saved again, it was showing as missing, did not matter how many times I reinstalled the package it would fail until I fixed the configuration.
-
@jonathanlee said in 23.01 Squid issue:
I understand I just keep thinking that something within your configuration is bonked up. You know how when you reinstall a package all your settings stay, if that config is bonked up it will make it appear that the package is messed up. I just keep thinking back to how my configuration was missing a section and kept doing the same thing until I found out that reverse proxy needed to be saved again, it was showing as missing, did not matter how many times I reinstalled the package it would fail until I fixed the configuration.
So, how I can completly remove SquidGuard in a way to make a clean install (without old configurations)?
I already tried some instructions, but did not work. -
@hugoeyng (/cf/conf/config.xml) rename with a .old after add patches and than rename it back to .xml maybe, if not revert it back. @stephenw10 would that work?
-
@jonathanlee I am sorry, but I can not agree your suggestion. I did waht you sugested , but did not work.
Could you send a config.xml that is working with squidGuard? I will replace it in my installation. -
@hugoeyng sure I can I will have to delete my password as it shows in clear text on the config file. How can I send it to you
-
@jonathanlee you can paste here or send to my e-mail
-
@hugoeyng what is your email?
-
@jonathanlee [removed]
-
@hugoeyng security !!!
I would recommend you guys private message each other your contact emails
-
@hugoeyng I sent you a copy of my config file. I hope that helps please don't share it with anyone else. I hope that helps you secure your system and get your URL blocker working again. Use it with a dif checker to see what is bonked up. I was somewhat worried to share this as it's everything, but then I thought, what is the goal? Well, it's to help secure systems with cyber security as the end result. I am 1. just running this at my home it's not really a super secure environment, so no big deal if I share it. I hope that helps you in some way as people are generally good.
-
https://redmine.pfsense.org/issues/13984
Someone else has found a solution while researching this issue
Make sure to upvote
-
This post is deleted! -
@jonathanlee It got worse
WARNING: Current pkg repository has a new PHP major
version. pfSense should be upgraded before
installing any new package. -
@jonathanlee Finally!! Everything working fine.
A few minutes ago the upgrade of Squid and squidGuard
was made available and corrected the issue we were trying to fix.Thank you, Jonathan and Stephen.
-
@hugoeyng that's great!! Now you have a really good URL filter again.
-
@hugoeyng @stephenw10 Is this of any concern I just noticed this?
Message from db5-5.3.28_9:
--
===> NOTICE:The db5 port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:https://bugs.freebsd.org/bugzilla
More information about port maintainership is available at:
https://docs.freebsd.org/en/articles/contributing/#ports-contributing
--
===> NOTICE:
This port is deprecated; you may wish to reconsider installing it:
EOLd, potential security issues, maybe use db18 instead.
It is scheduled to be removed on or after 2022-06-30.
I have found:
Shell Output - pkg info -r db5
db5-5.3.28_9:
squidGuard-1.4_15 -
It's a concern, yes. But we are not removing it from our repo any time soon. If we did Squidguard would fail and we would rework it with something else.
Steve
