Squid + SquidGuard Broken - Will Not Start

marcelloc

@nutt318:

When I installed SquidGuard it installs Squid-2.7.9_1 automatically, but its not listed in the package manager on the web interface. Its only shown when i to a pkg_info.

I guess I'll try to do a pkg_delete on squid-2.7.9_1, then install squid3 from the package manager.

squiguard depends on squid2 install, that's why you see squid-2.7.9_1

@nutt318:

[2.0.1-RELEASE][root@pfsense.ps]/usr/local/pkg(19): pkg_delete: package 'squid-2.7.9_1' is required by these other packages

go to next step and install squid3

nutt318

@marcelloc:

squiguard depends on squid2 install, that's why you see squid-2.7.9_1

That makes sense.

So I did the next step and installed squid3, both squid and squidGuard server started but then all of my HTTP traffic was dead, for some reason all traffic wasnt going out. I went ahead and tried a simple reboot, after that it was more broke than before.

So I did a reset to factory and restored back to a couple weeks ago.

Not sure how I should go about getting this to work again, any ideas on why both services where started but didnt allow any traffic out?

marcelloc

Check what error messages you have during boot process, It will be useful to find what is broken.

nutt318

I'm not getting any error messages when starting up the server, however squid starts but squidGuard will not. I've looked into the system log but cannot find any erros when starting the service.

Is there a way to start squidGuard from the command line?

marcelloc

IIRC, squidguard is a squidhelper, so it should be in squid config to startup

nutt318

So after shutting down the firewall yesterday and now turning it back on Squid will not start again. I'll also mention that I have 2 identical pieces of hardware and my current production firewall that is in place is not the logs you see. I restored a backup to the test/backup firewall so all settings would be back. Anyways I'm trying to get this going on my backup firewall so when the time comes it will be easy to switch the working one over.

Should I just completely wipe my backup firewall and start over with the pfSense install, then install all packages, rules, settings, etc? If I do is there anything special on installing squid + squidGuard on a fresh install?

Again, thanks for the help!

When trying to start from the console getting the following error:
[2.0.1-RELEASE][root@pfsense.ps]/root(2): /usr/local/etc/rc.d/squid.sh start
FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Squid Cache (Version 2.7.STABLE9): Terminated abnormally.

Here are the system logs: Again both squid and squidGuard fail to start

Last 100 system log entries
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713227968]: SIH: Idle host scan thread starting [p4359]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713227328]: DNSAR(2): Address resolution thread running
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t718033216]: SFP: Fingerprint scan thread starting [p4359]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713227648]: DNSAR(1): Address resolution thread running
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713227008]: DNSAR(3): Address resolution thread running
Jun 26 15:28:22	ntop[4785]: THREADMGMT[t679481664]: ntop RUNSTATE: PREINIT(1)
Jun 26 15:28:22	ntop[4785]: THREADMGMT[t679481664]: ntop RUNSTATE: INIT(2)
Jun 26 15:28:22	ntop[4359]: GeoIP: loaded config file /usr/local/etc/ntop/GeoLiteCity.dat
Jun 26 15:28:22	ntop[4359]: GeoIP: loaded ASN config file /usr/local/etc/ntop/GeoIPASNum.dat
Jun 26 15:28:22	ntop[4359]: SSL is present but https is disabled: use -W <https port=""> for enabling it
Jun 26 15:28:22	ntop[4359]: INITWEB: Initializing web server
Jun 26 15:28:22	ntop[4359]: INITWEB: Initializing TCP/IP socket connections for web server
Jun 26 15:28:22	ntop[4359]: INITWEB: Initialized socket, port 3000, address (any)
Jun 26 15:28:22	ntop[4359]: INITWEB: Waiting for HTTP connections on port 3000
Jun 26 15:28:22	ntop[4359]: INITWEB: Starting web server
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226688]: INITWEB: Started thread for web server
Jun 26 15:28:22	ntop[4359]: Listening on [bge1]
Jun 26 15:28:22	ntop[4359]: Loading Plugins
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226688]: WEB: Server connection thread starting [p4359]
Jun 26 15:28:22	ntop[4359]: Note: SIGPIPE handler set (ignore)
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226688]: WEB: Server connection thread running [p4359]
Jun 26 15:28:22	ntop[4359]: WEB: ntop's web server is now processing requests
Jun 26 15:28:22	ntop[4359]: Searching for plugins in /usr/local/lib/ntop/plugins
Jun 26 15:28:22	ntop[4359]: CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
Jun 26 15:28:22	ntop[4359]: ICMP: Welcome to ICMPWatch. (C) 1999-2005 by Luca Deri
Jun 26 15:28:22	ntop[4359]: NETFLOW: Welcome to NetFlow.(C) 2002-11 by Luca Deri
Jun 26 15:28:22	ntop[4359]: RRD: Welcome to Round-Robin Database. (C) 2002-11 by Luca Deri.
Jun 26 15:28:22	ntop[4359]: SFLOW: Welcome to sFlow.(C) 2002-11 by Luca Deri
Jun 26 15:28:22	ntop[4359]: Calling plugin start functions (if any)
Jun 26 15:28:22	ntop[4359]: RRD: Welcome to the RRD plugin
Jun 26 15:28:22	ntop[4359]: RRD: Mask for new directories is 0700
Jun 26 15:28:22	ntop[4359]: RRD: Mask for new files is 0066
Jun 26 15:28:22	ntop[4359]: THREADMGMT: RRD: Started thread (t713226368) for data collection
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226368]: RRD: Data collection thread starting [p4359]
Jun 26 15:28:22	ntop[4359]: INIT: Created pid file (/var/run/ntop.pid)
Jun 26 15:28:22	ntop[4359]: Now running as requested user 'root' (0:0)
Jun 26 15:28:22	ntop[4359]: Note: Reporting device initally set to 0 [bge1]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t679481664]: ntop RUNSTATE: RUN(4)
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226048]: NPS(1): Started thread for network packet sniffing [bge1]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226048]: NPS(bge1): pcapDispatch thread starting [p4359]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t718033216]: SFP: Fingerprint scan thread running [p4359]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713226048]: NPS(bge1): pcapDispatch thread running [p4359]
Jun 26 15:28:22	ntop[4359]: THREADMGMT[t713227968]: SIH: Idle host scan thread running [p4359]
Jun 26 15:28:22	check_reload_status: Syncing firewall
Jun 26 15:28:23	check_reload_status: Syncing firewall
Jun 26 15:28:23	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 26 15:28:24	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 26 15:28:25	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 26 15:28:25	sshd[3195]: Accepted keyboard-interactive/pam for root from 10.72.40.89 port 56494 ssh2
Jun 26 15:28:27	php: : Starting Squid
Jun 26 15:28:27	squid[24648]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:28:27	php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Jun 26 15:28:27	ntop[4359]: CHKVER: Checking current ntop version at version.ntop.org/version.xml
Jun 26 15:28:27	ntop[4359]: CHKVER: Version file is from 'version.ntop.org'
Jun 26 15:28:27	ntop[4359]: CHKVER: as of date is '2011-08-15T11:00:47'
Jun 26 15:28:27	ntop[4359]: CHKVER: This version of ntop is the CURRENT stable version
Jun 26 15:28:28	php: : Starting Squid
Jun 26 15:28:28	squid[28591]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:28:28	php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Jun 26 15:28:32	ntop[4359]: THREADMGMT[t724356800]: RRD: Started thread for throughput data collection
Jun 26 15:28:32	ntop[4359]: THREADMGMT[t713226368]: RRD: Data collection thread running [p4359]
Jun 26 15:28:32	ntop[4359]: THREADMGMT[t724356800]: RRD: Throughput data collection: Thread starting [p4359]
Jun 26 15:28:32	ntop[4359]: THREADMGMT[t724356800]: RRD: Throughput data collection: Thread running [p4359]
Jun 26 15:28:37	check_reload_status: Reloading filter
Jun 26 15:28:38	check_reload_status: Reloading filter
Jun 26 15:28:42	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 26 15:28:43	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 26 15:28:43	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 26 15:28:49	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 26 15:28:49	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 26 15:28:49	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 26 15:28:50	check_reload_status: Syncing firewall
Jun 26 15:28:51	check_reload_status: Syncing firewall
Jun 26 15:28:53	php: : Starting Squid
Jun 26 15:28:53	squid[8601]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:28:53	php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Jun 26 15:28:53	php: : Starting Squid
Jun 26 15:28:53	squid[10724]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:28:53	php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Jun 26 15:29:03	check_reload_status: Reloading filter
Jun 26 15:29:03	check_reload_status: Syncing firewall
Jun 26 15:29:03	check_reload_status: Reloading filter
Jun 26 15:29:04	check_reload_status: Syncing firewall
Jun 26 15:29:05	squid[27977]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:29:06	php: : IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
Jun 26 15:29:06	squid[32891]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:29:07	login: login on ttyv0 as root
Jun 26 15:29:08	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 26 15:29:09	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 26 15:29:09	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 26 15:29:10	Squid_Alarm[52438]: Squid has exited. Reconfiguring filter.
Jun 26 15:29:10	Squid_Alarm[52774]: Attempting restart...
Jun 26 15:29:10	squid[53979]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:29:11	Squid_Alarm[55131]: Squid has exited. Reconfiguring filter.
Jun 26 15:29:11	Squid_Alarm[55489]: Attempting restart...
Jun 26 15:29:11	squid[56779]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Jun 26 15:29:14	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 26 15:29:14	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 26 15:29:15	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 26 15:30:16	squid[62898]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept</https>

nutt318

So I did a fresh install on my backup firewall server. Installed Squid3, then installed squidGuard. Still getting errors on squidGuard, trying to reinstall the package getting this error.

Fatal error: Cannot use string offset as an array in /usr/local/pkg/squidguard.inc on line 946

Trying to remove the package, getting this error. Any ideas?

Fatal error: Cannot use string offset as an array in /usr/local/pkg/squidguard.inc on line 946

marcelloc

Squidguard error says that there is no squid xml config saved.

Save squid config setup, install squidguard and then force squid3 install again as squidguard forces squid2.

nutt318

I gave that a shot, now getting this error.

squid[7651]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept

So here is part of my squid.conf file

# This file is automatically generated by pfSense
# Do not edit manually !
http_port 10.72.0.3:3128
http_port 127.0.0.1:3128 intercept
icp_port 7

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_default_language English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr jaken@popstarnetworks.com
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 30
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  10.72.0.0/16
uri_whitespace strip

acl dynamic urlpath_regex cgi-bin \?
cache deny dynamic
cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 100 16 256
minimum_object_size 0 KB
maximum_object_size 10 KB
offline_mode off
# No redirector configured

marcelloc

maybe squidguard installed squid2 after squid3 install.

are you sure you reinstalled squid3?

if so, try to uninstall squid3 and then install again.

nutt318

I did a pkg_info and saw that squid3 and squid-2.7.9_1 and squidGuard-1.4_4

So I uninstalled squid3 and then installed it again and now squid is running.

Doing a pkg_info im still showing squid-2.7.9_1, squid-3.1.20, squidGuard-1.4_4.

Should squid 2 not be there? Now that squid3 is running what should i try to get squidGuard working?

marcelloc

@nutt318:

Should squid 2 not be there? Now that squid3 is running what should i try to get squidGuard working?

Now, just set up squidguard gui.

nutt318

Its working!

Thank you soo much Marcelloc

As a future reference when installing squid + squidGuard, what should I install first?

marcelloc

@nutt318:

As a future reference when installing squid + squidGuard, what should I install first?

squidguard then squid3.

if it fails to install, then install squid, squidguard, remove squid install squid3

nutt318

Awesome!

Again, thanks for the help