Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid 6.5 !! Nov 6th

    Scheduled Pinned Locked Moved Cache/Proxy
    squid updatebug fixesupstream fix
    82 Posts 12 Posters 24.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lg1980 @JonathanLee
      last edited by

      @JonathanLee great news !

      For now, enjoy with you family the new year !!!

      Thanks !

      kiokomanK 1 Reply Last reply Reply Quote 1
      • kiokomanK
        kiokoman LAYER 8 @lg1980
        last edited by

        It would be interesting to see what netgate have to say about this now,
        it seems that alot of cve if not all have been patched in squid 6.4 and 6.5, IMHO it would be a shame to remove this package from the list now. any chance that netgate will retreat that statement and continue to support squid or is it the final decision? @stephenw10 ?

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        JonathanLeeJ 1 Reply Last reply Reply Quote 2
        • JonathanLeeJ
          JonathanLee @kiokoman
          last edited by

          @kiokoman I would too, if the update fixes all of the issues why not use it?

          Make sure to upvote

          1 Reply Last reply Reply Quote 0
          • JonathanLeeJ JonathanLee referenced this topic on
          • JonathanLeeJ
            JonathanLee @lg1980
            last edited by

            @lg1980 What is the recommended donation for this update? Also I can start to test this Jan 8th or 9th when all the kids are back in school

            Make sure to upvote

            L 1 Reply Last reply Reply Quote 1
            • L
              lg1980 @JonathanLee
              last edited by

              @JonathanLee said in Squid 6.5 !! Nov 6th:

              What is the recommended donation for this update? Also I can start to test this Jan 8th or 9th when all the kids are back in school

              I have no economic interest in these updates and support from Squid, whatever I personally feel in relation to covering my hours/dedication to work financially.

              JonathanLeeJ 1 Reply Last reply Reply Quote 0
              • JonathanLeeJ
                JonathanLee
                last edited by

                @stephenw10

                Did you check this out Squid with all the updates !!!

                Make sure to upvote

                1 Reply Last reply Reply Quote 0
                • JonathanLeeJ
                  JonathanLee @lg1980
                  last edited by

                  @lg1980 result for use with arm processor

                  3f23c99c-5db0-4d5e-860f-460eadbee5bb-image.png

                  Make sure to upvote

                  L 1 Reply Last reply Reply Quote 0
                  • JonathanLeeJ
                    JonathanLee @lg1980
                    last edited by

                    @lg1980 how can I test the package?

                    Make sure to upvote

                    1 Reply Last reply Reply Quote 0
                    • J
                      jc1976
                      last edited by

                      all these updates are great but what happens when it's finally done?

                      Netgate said squid will no longer be available in the package manager with the next major release of pfsense, so it seems squids days are numbered, at least for pfsense, which really sucks..

                      there's haproxy, but that lacks av integration.. people might say "it doesn't matter b/c internet traffic is encrypted.. yes, but if you're behind a proxy, then it works well!

                      so what are we supposed to do?

                      JonathanLeeJ 1 Reply Last reply Reply Quote 0
                      • JonathanLeeJ
                        JonathanLee @jc1976
                        last edited by

                        @jc1976 You just manually install it if you use it like us. It will be back alot of users use this.

                        Make sure to upvote

                        J 1 Reply Last reply Reply Quote 0
                        • J
                          jc1976 @JonathanLee
                          last edited by

                          @JonathanLee

                          ok, but if netgate removes it from the package manager and we have to manually install it, does that mean the gui portion of it will be removed and all configuring will need to be done via cli?

                          JonathanLeeJ L 3 Replies Last reply Reply Quote 0
                          • JonathanLeeJ
                            JonathanLee @jc1976
                            last edited by JonathanLee

                            @jc1976 You would have to do it in cmd line after, and use the old packages to install manually

                            Make sure to upvote

                            1 Reply Last reply Reply Quote 0
                            • JonathanLeeJ
                              JonathanLee @jc1976
                              last edited by

                              @jc1976

                              https://forum.netgate.com/topic/185029/resolved-quest-for-older-package-wget

                              I would not use it but if you need it like me..

                              I did it with Snort to stop the core dumps

                              Just know that Netgate recommended it be removed.

                              Make sure to upvote

                              1 Reply Last reply Reply Quote 0
                              • L
                                lg1980 @JonathanLee
                                last edited by

                                @JonathanLee said in Squid 6.5 !! Nov 6th:

                                result for use with arm processor

                                Oh man ! it still doesn't compile binaries for the ARM version, I don't have Netgate hardware here to test.

                                This is only to AMD64 version architeture.

                                1 Reply Last reply Reply Quote 0
                                • L
                                  lg1980 @jc1976
                                  last edited by

                                  @jc1976 said in Squid 6.5 !! Nov 6th:

                                  ok, but if netgate removes it from the package manager and we have to manually install it, does that mean the gui portion of it will be removed and all configuring will need to be done via cli?

                                  No, personally, and even to maintain pf2ad, I will maintain in a parallel repository (in this case it will be unofficial) Squid and all the tools, as well as the web interface (as it is), with the necessary updates for each package

                                  1 Reply Last reply Reply Quote 1
                                  • M
                                    Michele Trotta
                                    last edited by

                                    Hi Luiz,

                                    I'm starting from a clean installation of pfsense 2.7.2 and running the command fetch -q -o - https://gitlab.labexposed.com/-/snippets/15/raw/main/repo-squid66.sh | sh

                                    I installed the packages as shown in the image.

                                    8cd4ad25-5608-4f27-9092-c2c179288137-image.png

                                    After configuring Squid and SquidGuard I have the following errors:

                                    • in real time

                                    da569d1d-38ed-49d5-8c25-213097cc1693-image.png

                                    -on the client

                                    3b0f1455-495f-4247-95d2-24e529de70da-image.png

                                    where the ip 172.17.78.81 is the proxy

                                    Is there anything I can do ?

                                    JonathanLeeJ 3 Replies Last reply Reply Quote 0
                                    • JonathanLeeJ
                                      JonathanLee @Michele Trotta
                                      last edited by

                                      @Michele-Trotta interesting…. What does Squids official website say about that error?

                                      Make sure to upvote

                                      1 Reply Last reply Reply Quote 0
                                      • M
                                        Michele Trotta
                                        last edited by

                                        Hi everyone, since version 2.7.1 pfsense Squid is deprecated and that's why all these strange errors occur.
                                        I was hoping for Luiz's patch. Before abandoning pfsense+squid I will do some more tests because it is an excellent solution.
                                        If you have other solutions to try let me know.
                                        Greetings
                                        Michele

                                        JonathanLeeJ 1 Reply Last reply Reply Quote 0
                                        • JonathanLeeJ
                                          JonathanLee @Michele Trotta
                                          last edited by JonathanLee

                                          @Michele-Trotta hello everyone on this post is already aware. This post is for work arounds. Squid itself has many new security updates already available. I am sure you are aware. Thanks, this post is just the open source community coming together to help find ways to make it work. Solutions are needed and being tested in here with high hopes of bring the latest Squid version online for die hard users. Just some open source discussion at its finest. Seems it still has some bugs with that error you see above.

                                          Leading to Ecap over icap I wonder if that would improve security as it can work directly with DoH I am told.

                                          DoH is a big issue with dns based security….. it’s pure https based DNS you can’t force it and it’s reaction based when you block it, ever worse is QUIC. The latest Squid updates have QUIC protocol tools to detect and inspect. That’s https over udp, and it’s a big issue within dns based cyber security detection also. That’s why Squid can’t and won’t die. It’s because Squid has solutions for all the new protocols.

                                          We make solutions not problems.

                                          Make sure to upvote

                                          1 Reply Last reply Reply Quote 0
                                          • JonathanLeeJ
                                            JonathanLee @Michele Trotta
                                            last edited by

                                            @Michele-Trotta Squid has custom options you can check them on there website, I wonder if something is automatically activated when the new version is installed…

                                            Make sure to upvote

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.