Install older version of Packages
-
Hmm, OK, these were both fresh installs? I have test boxes here running Squid/Squidguard but I think they were all upgraded. It sounds like something was lost from the pkg...
-
@stephenw10 Yes fresh installs. Had not used pfSense before as an admin. I setup the PC which you helped me with the Activation Token after adding two dual network cards to previously. I was using the PC as a development environment while we were determining what Netgate model to buy.
So the PC came first and I have been using it to test things before doing them on the NEtgate 6100 MAX which was just delivered a week or two ago.
Both were at Release 23.05 before ever installing Squid for the first time. So the Squid install was new, not an upgrade.
-
Mmm, OK I see the language issues here. Digging...
-
@stephenw10 To reproduce the DNS log ERROR, I think if you have Squid Enabled, and the "Resolve DNS IPv4 First" unchecked on the main settings page.
Then on the AntiVirus tab, disable the Antivirus and Save.
I think that will trip the Error message in the Log.
It just did it for me.
RE-enabling the AV and saving does it too.
-
@stephenw10 HAve you had time to dig into this Squid issue any further?
Thanks.
-
Not yet. There is already a bug report open for the missing languages issue: https://redmine.pfsense.org/issues/14406
-
@stephenw10 Yes I saw that from the other tread. And you can just copy the files and get the ERROR messages to go away. I am more concerned that there is a potential bigger problem.
-
Yes, I understand. We need to know what caused that though, there's a good chance these things have the same root cause.
-
@stephenw10 OK, Thanks.
-
@Pete-wright and @JonathanLee you might want to follow this thread relative to your Squid conversation.
-
My Squid and Squidguard packages are working great as of now. Again I am running patches that are now part of this new version as well as the adapted error files.
Does any of this occur?
https://redmine.pfsense.org/issues/13984These patches on that Redime are now part of the new Squid and Squidguard versions. I am running SSL intercept and transparent at the same time and utilize custom options. Thank you Marcos for fixing all of those issues for us.
What are your error logs showing?
-
@JonathanLee In general, Squid and ClamAV are not working. I fixed those ERROR Templates just as you did, I had not ready your thread. I was also seeing the DNS first error even thought it is unchecked.
I am not running Squidguard which is a difference from your setup.
And these are clean installs. I did not have an earlier version of Squid installed.
I went from pfSense CE 2.7.0 to pfSense 23.01 then 23.05 on a PC and on a Netgate 6100 MAX from pfSense+ 223.01 to 23.05.
Squid 0.4.46 was a clean/new install.
Those patches should be incorpated as you mentioned since I only recently installed.
stephenw10 is looking into it.
-
@ericreiss I have seen the DNS first error for many years. It's a warning. IPv4 first is outdated or something. They just want you to have IPv6 now. Don't stress that one.
-
@JonathanLee Thanks Jonathan.
Sorry I did not repond sooner, I had short notice Thursday evening to drive down to our office (1.5 hour one way drive) for Friday to test our newly installed 100G symmetric Fiber installation and in stall the Netgate pfSense 6100 MAX.
The 6100 MAX worked like a champ. I had a little issue with a WIFI router I loaned them with DD-WRT firmware as I am trying to convince my boss about the benefits of using it of Lionksys' firmware.
When I returned home and checked it that night, I was able to Tailscale VPN and Wireguard VPN in to manage it.
Love the pfSense.
Then I had a busy weekend personal stuff.
Regarding the DNS v4 first issue, I liked Stephenw10's reply about the Template and DNS v4 first having possible root cause problems causing the other problems I was having.
Looking forward to seeing it working reliably be the other packages and pfSense have been great.
Thanks.
~Eric
-
-
-
Nothing on the bug report yet. Anything further will be added there.
-
@stephenw10 what about wget???
-
@stephenw10 so it has been four months on this and no updates on Squid fix?
-
What I'm going to say here is not supported, it can brick your firewall and there is a high chance of a reinstall being required.
So, if you choose to follow this route, do it at your own risk, backup a config first and also take a snapshot just to be safe, ok ?That being said, sometime ago I used to install a previous version of softflowd doing the following procedure: (updated for Squid).
Make sure Squid is not installed.
1- ssh to pfsense
2- go to /tmp directory
3- fetch https://firmware.netgate.com/pkg/pfSense_plus-v23_01_armv7-pfSense_plus_v23_01/All/pfSense-pkg-squid-0.4.45_10.pkg
4- fetch https://firmware.netgate.com/pkg/pfSense_plus-v23_01_armv7-pfSense_plus_v23_01/All/squid-5.7.pkg
5- pkg install pfSense-pkg-squid-0.4.45_10.pkg
6- pkg install squid-5.7.pkgTo remove this package: run pkg remove squid
Note: This version is for ARMv7 only, version 23.01.
Unfortunately, this is the latest version I found at https://firmware.netgate.com/pkg/Proceed with caution, I didn't test this with Squid, just with softflowd, so you are on your own, your responsibility !
To be honest, I'm not sure if it is a good idea to share this.. pfSense admins, feel free to remove this post if you want, it is ok by me!!