Squid-reverse
-
Hi !
This issue occures because of 2.1 relies on package installation as pbi and these packages are built automatically.
squid-reverse cannot be build automatically until now, because of squid 2.7x (for 1.2 compability) would be broken… :-(
i'll check what i can do there...
sorry...Dont be sorry… To be honest, i've had issues with other packages because of pbi. One workaround that may work is to remove 'depends_on_package_pbi' section from the 'pkg_config.8.xml' file. I'll still have to manually install the binaries which i've been doing since pbi where added to the package system..
Edit: I manually copied the xml/inc files from the new package over to my box.. So far so good.. It'll be a few days but can't wait to try reverse-proxy side of this
-
:)
have fun ! -
trendchiller,
Do you have ads compiled on this squid3 version?
Certificate can be extracted from pfsense cert manager, do you have plans to change it? Can I help you on this package?
This package can handle multiple domains/hosts?
-
Trying to determine if Squid-reverse can do what I need.
We have 2 HTTPS sites each with a different name coming via one Internet Line to PFsense. Can I send, based on it's HTTPS name, one site to one server and the second to a different server.
For example: https://site1.something.com go to server 1 and Https://site2.abc.net to server2 both have different certificates.
If so what would be the reverse proxy configuration?
Thanks
cjb
-
i really have to admin, i never testet this constellation ;-)
have a try and let me know…
the configuration should be the same as with HTTP (see the before examples)good lock
-
Is it possible to use squid-reverse and squidguard together ?
SquidGuard installs always squid2.7 package. -
Nachtfalke,
you can try to install squidguard, remove squid2 and install squid-reverse.
-
Nachtfalke,
you can try to install squidguard, remove squid2 and install squid-reverse.
If I try to remove squid it removes squidguard, too.
pkg_delete squid
Is not working because of dependencies
pkg_delete -r squid
removes squidguard
-
Maybe it will need a full compile to solve this.
-
I'm having an issue trying to install squid-reverse and some other packages. I'm currently running pfSense-Full-Update-2.1-DEVELOPMENT-i386-20111125-1741.tgz which can be found here http://files.pfsense.org/jimp/ipv6/
Here is the output from the package installation:
Beginning package installation for squid-reverse . Downloading package configuration file... done. Saving updated package information... done. Downloading squid-reverse and its dependencies... Checking for package installation... Downloading http://files.pfsense.org/packages/8/All/libwww-5.4.0_4-i386.pbi ... (extracting) Downloading http://files.pfsense.org/packages/8/All/squid_radius_auth-1.10-i386.pbi ... (extracting) Downloading http://files.pfsense.org/packages/8/All/squid-3.1.19-i386.pbi ... could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/i386/packages-8.1-release/All/squid-3.1.19-i386.pbi. of libwww-5.4.0_4-i386.pbi squid_radius_auth-1.10-i386.pbi squid-3.1.19-i386 failed! Installation aborted.Backing up libraries... Removing package... Starting package deletion for libwww-5.4.0_4-i386.pbi squid_radius_auth-1.10-i386.pbi squid-3.1.19-i386...done. Removing squid-reverse components... Tabs items... done. Menu items... done. Services... done. Loading package instructions... Include file squid.inc could not be found for inclusion. Deinstall commands... Not executing custom deinstall hook because an include is missing. Removing package instructions...done. Auxiliary files... done. Package XML... done. Configuration... done. Cleaning up... Failed to install package. Installation halted.
Trying to browse to the URLs http://files.pfsense.org/packages/8/All/squid-3.1.19-i386.pbi and http://ftp2.FreeBSD.org/pub/FreeBSD/ports/i386/packages-8.1-release/All/squid-3.1.19-i386.pbi result in 404's.
-
Hi !
we'll have to have a look why the pbi's are not built :-(
sorry… -
is there a way I could roll back to the 2.x package of squid without breaking anything? when i removed the package the older 2.x didn't show up as an option to install. I'm not sure what I'll break if i do an install using pkg_add.
after upgrading to 3 it has broken my QOS tagging, (see post http://forum.pfsense.org/index.php/topic,47643.0.html for details). rebooting didn't help nor did trying different vaules in in the ACLs.
we relied on the tagging to manage our traffic, it was a beautiful thing when it worked. 8)
thanks,
greg -
If you do not need squid-reverse then just use squid2 package.
Because the squid configuration files for squid2 and squid3 seems to be equal it would be probably no problem to do a:
pkg_add -r http://files.pfsense.org/packages/amd64/8/All/squid-2.7.9_1.tbz
If you need squid-reverse then install it from GUI(, delete (pkg_delete) squid3 and add (pkg_add) squid2.x
-
If you do not need squid-reverse then just use squid2 package.
If you need squid-reverse then install it from GUI(, delete (pkg_delete) squid3 and add (pkg_add) squid2.xi was using the squid-reverse for the OWA access / reverse-proxy functions. I'd like to get it back if possible, the previous version of squid-reverse, not squid2 or squid3 packages.
-g
-
If you do not need squid-reverse then just use squid2 package.
If you need squid-reverse then install it from GUI(, delete (pkg_delete) squid3 and add (pkg_add) squid2.xi was using the squid-reverse for the OWA access / reverse-proxy functions. I'd like to get it back if possible, the previous version of squid-reverse, not squid2 or squid3 packages.
-g
Then install squid-reverse package from GUI
SSH to your pfsense, uninstall (pkg_delete) squid3 and install (pkg_add) squid2.7.pkg_add -r http://files.pfsense.org/packages/amd64/8/All/squid-2.7.9_1.tbz
-
Then install squid-reverse package from GUI
SSH to your pfsense, uninstall (pkg_delete) squid3 and install (pkg_add) squid2.7.pkg_add -r http://files.pfsense.org/packages/amd64/8/All/squid-2.7.9_1.tbz
squid2 != squid-reverse (based on squid2) from my understanding. or am i wrong?
there was (about 2 weeks ago) 3 squid packages you could install from the list, squid2, squid3 and squid-reverse.
thanks,
greg -
Nachtfalke is right, it you install squid2 by pkg_add it'll work
the package name has nothing to do with the version of squid…
-
the package name has nothing to do with the version of squid…
thanks for the clarification trendchiller.
-g
-
:)
-
@trendchiller I had time to test and so far so good. Able to have it point to 4 different servers behind squid. Wildcard sub-host works good!.. I still have to test HTTPS but i'm not in rush to test…
Only drawback I have found are global settings. I like having forwarded_for off, via off for proxy but need them on when using reverse-proxy so the web server correctly puts the IPs in its logs. To work around this, I created another squid.conf file just for reverse-proxy and started another instance of squid on the box.... Major benefit here:I can keep access.log separate and pretty soon turn off logging for reverse-proxy since the web servers keep their own logs. And have different global settings.
I ended up hacking squid.inc so it would stop/restart both instances of squid. This way I don't need to start the second instance from the cmdline.
Is it pretty? No but works for me :-) Not sure if I'll keep it this way, may just go back to using pound but found squid reverse-proxy is faster then pound... and faster is good...lol...