2.1 with Squid3 - How to reset the config of a deleted package?
-
Hi Marcelloc!
I see your name frequently is the forum.
Thanks for your work, thanks for your help.With ssh access, I delete /usr/pbi/squid-i386/etc/squid/squid.conf
I copy /usr/pbi/squid-i386/etc/squid/squid.conf.default to squid.conf, and reboot pfSense.
The config is the same, no change./var/squid/logs/access.log is empty
[2.1-BETA0][admin@pfSense.tld]/var/squid(4): pwd /var/squid [2.1-BETA0][admin@pfSense.tld]/var/squid(5): ls -l logs/ total 14 -rw-r--r-- 1 proxy proxy 0 Nov 10 12:35 access.log -rw-r----- 1 proxy proxy 4375 Nov 11 09:59 cache.log -rw-r--r-- 1 proxy proxy 7132 Nov 10 18:49 cache.log.0 [2.1-BETA0][admin@pfSense.tld]/var/squid(6):
The content of cache.log
[2.1-BETA0][admin@pfSense.tld]/var/squid(6): cat logs/cache.log 2012/11/11 00:00:02| storeDirWriteCleanLogs: Starting... 2012/11/11 00:00:02| Finished. Wrote 0 entries. 2012/11/11 00:00:02| Took 0.00 seconds ( 0.00 entries/sec). 2012/11/11 09:57:00| Preparing for shutdown after 16133 requests 2012/11/11 09:57:00| Waiting 3 seconds for active connections to finish 2012/11/11 09:57:00| FD 22 Closing HTTP connection 2012/11/11 09:57:00| FD 23 Closing HTTP connection 2012/11/11 09:57:04| Shutting down... 2012/11/11 09:57:04| FD 24 Closing ICP connection 2012/11/11 09:57:04| basic/auth_basic.cc(97) done: Basic authentication Shutdown. 2012/11/11 09:57:04| Closing unlinkd pipe on FD 17 2012/11/11 09:57:04| storeDirWriteCleanLogs: Starting... 2012/11/11 09:57:04| Finished. Wrote 0 entries. 2012/11/11 09:57:04| Took 0.00 seconds ( 0.00 entries/sec). CPU Usage: 303.738 seconds = 162.332 user + 141.405 sys Maximum Resident Size: 14768 KB Page faults with physical i/o: 3 2012/11/11 09:57:04| Open FD UNSTARTED 11 DNS Socket IPv6 2012/11/11 09:57:04| Open FD READ/WRITE 12 DNS Socket IPv4 2012/11/11 09:57:04| Open FD READ/WRITE 16 Waiting for next request 2012/11/11 09:57:04| Open FD UNSTARTED 24 ICP Socket 2012/11/11 09:57:04| Open FD READ/WRITE 25 www.msftncsi.com idle connection 2012/11/11 09:57:04| Open FD READ/WRITE 26 crl.microsoft.com idle connection 2012/11/11 09:57:04| Squid Cache (Version 3.1.20): Exiting normally. 2012/11/11 09:59:09| Starting Squid Cache version 3.1.20 for i386-portbld-freebsd8.3... 2012/11/11 09:59:09| Process ID 18192 2012/11/11 09:59:09| With 6976 file descriptors available 2012/11/11 09:59:09| Initializing IP Cache... 2012/11/11 09:59:09| DNS Socket created at [::], FD 11 2012/11/11 09:59:09| DNS Socket created at 0.0.0.0, FD 12 2012/11/11 09:59:09| Adding domain cna.mg from /etc/resolv.conf 2012/11/11 09:59:09| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2012/11/11 09:59:09| Adding nameserver 192.168.1.1 from /etc/resolv.conf 2012/11/11 09:59:09| Adding nameserver 208.67.222.222 from /etc/resolv.conf 2012/11/11 09:59:09| Adding nameserver 208.67.220.220 from /etc/resolv.conf 2012/11/11 09:59:09| Adding nameserver 8.8.8.8 from /etc/resolv.conf 2012/11/11 09:59:09| Adding nameserver 8.8.8.4 from /etc/resolv.conf 2012/11/11 09:59:09| User-Agent logging is disabled. 2012/11/11 09:59:09| Referer logging is disabled. 2012/11/11 09:59:10| Unlinkd pipe opened on FD 17 2012/11/11 09:59:10| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2012/11/11 09:59:10| Store logging disabled 2012/11/11 09:59:10| Swap maxSize 5120000 + 262144 KB, estimated 414011 objects 2012/11/11 09:59:10| Target number of buckets: 20700 2012/11/11 09:59:10| Using 32768 Store buckets 2012/11/11 09:59:10| Max Mem size: 262144 KB 2012/11/11 09:59:10| Max Swap size: 5120000 KB 2012/11/11 09:59:10| Version 1 of swap file with LFS support detected... 2012/11/11 09:59:10| Rebuilding storage in /var/squid/cache (CLEAN) 2012/11/11 09:59:10| Using Least Load store dir selection 2012/11/11 09:59:10| Current Directory is /etc 2012/11/11 09:59:10| Loaded Icons. 2012/11/11 09:59:10| helperOpenServers: Starting 0/0 'ssl_crtd' processes 2012/11/11 09:59:10| helperOpenServers: No 'ssl_crtd' processes needed. 2012/11/11 09:59:10| Accepting HTTP connections at 172.24.0.1:3128, FD 22. 2012/11/11 09:59:10| Accepting intercepted HTTP connections at 127.0.0.1:3128, FD 23. 2012/11/11 09:59:10| Accepting ICP messages at [::]:7, FD 24. 2012/11/11 09:59:10| HTCP Disabled. 2012/11/11 09:59:10| Ready to serve requests. 2012/11/11 09:59:10| Done reading /var/squid/cache swaplog (0 entries) 2012/11/11 09:59:10| Finished rebuilding storage from disk. 2012/11/11 09:59:10| 0 Entries scanned 2012/11/11 09:59:10| 0 Invalid entries. 2012/11/11 09:59:10| 0 With invalid flags. 2012/11/11 09:59:10| 0 Objects loaded. 2012/11/11 09:59:10| 0 Objects expired. 2012/11/11 09:59:10| 0 Objects cancelled. 2012/11/11 09:59:10| 0 Duplicate URLs purged. 2012/11/11 09:59:10| 0 Swapfile clashes avoided. 2012/11/11 09:59:10| Took 0.11 seconds ( 0.00 objects/sec). 2012/11/11 09:59:10| Beginning Validation Procedure 2012/11/11 09:59:10| Completed Validation Procedure 2012/11/11 09:59:10| Validated 25 Entries 2012/11/11 09:59:10| store_swap_size = 0 2012/11/11 09:59:11| storeLateRelease: released 0 objects [2.1-BETA0][admin@pfSense.tld]/var/squid(7):
Where is the xml file?
I can not see the modified values in these files[2.1-BETA0][admin@pfSense.tld]/var/squid(7): find / -name "*squid*xml*" /usr/local/pkg/squid.xml /usr/local/pkg/squid_reverse_general.xml /usr/local/pkg/squid_reverse_peer.xml /usr/local/pkg/squid_reverse_uri.xml /usr/local/pkg/squid_reverse_sync.xml /usr/local/pkg/squid_sync.xml /usr/local/pkg/squid_cache.xml /usr/local/pkg/squid_nac.xml /usr/local/pkg/squid_ng.xml /usr/local/pkg/squid_traffic.xml /usr/local/pkg/squid_upstream.xml /usr/local/pkg/squid_reverse.xml /usr/local/pkg/squid_auth.xml /usr/local/pkg/squid_users.xml [2.1-BETA0][admin@pfSense.tld]/var/squid(8):
[2.1-BETA0][admin@pfSense.tld]/usr/local/pkg(17): ps ax |grep squid 17633 ?? Is 0:00.01 /usr/pbi/squid-i386/sbin/squid -f /usr/pbi/squid-i386 18192 ?? R 0:45.86 (squid) -f /usr/pbi/squid-i386/etc/squid/squid.conf ( 59301 0 S+ 0:00.01 grep squid [2.1-BETA0][admin@pfSense.tld]/usr/local/pkg(18):
If can post all needed info.
I think it can be help to have a reset button in the GUI for restore default value.
@+
-
Squid package config stays on pfSense config.xml file.
Make a backup (diagnostic s-> backup) and take a look for squid settings.
Be care full while editing XML file to do not mess up the file and break your pfSense.
If you know how Vi and XML config works, you can try a viconfig on console.
-
I uncheck "dynamic content" and can see that "du -h /var/squid/cache" begin to increase. Wait for real use of the network for verify if cache work.
"tail -f /var/squid/logs/access.log" stay empty. Nothing in this log-file.
/cf/conf/config.xml contain configs data but it seems to be mixed in the file, ie, the item in the file is not in the same order in the GUI, it is more complicated for me because the number of lines (3250), I prefer do nothing with this file.
I'm not certain that it works correctly.
-
the ends of lines of /var/squid/logs/cache.log show some errors
[2.1-BETA0][admin@pfSense.tld]/var/squid(7): cat logs/cache.log 2012/11/12 00:00:00| storeDirWriteCleanLogs: Starting... 2012/11/12 00:00:00| Finished. Wrote 5657 entries. 2012/11/12 00:00:00| Took 0.01 seconds (427233.59 entries/sec). 2012/11/12 08:30:13| comm_old_accept: FD 23: (53) Software caused connection abort 2012/11/12 08:30:13| httpAccept: FD 23: accept failure: (53) Software caused connection abort 2012/11/12 08:30:16| comm_old_accept: FD 23: (53) Software caused connection abort 2012/11/12 08:30:16| httpAccept: FD 23: accept failure: (53) Software caused connection abort 2012/11/12 08:30:18| comm_old_accept: FD 23: (53) Software caused connection abort 2012/11/12 08:30:18| httpAccept: FD 23: accept failure: (53) Software caused connection abort 2012/11/12 08:30:20| comm_old_accept: FD 23: (53) Software caused connection abort 2012/11/12 08:30:20| httpAccept: FD 23: accept failure: (53) Software caused connection abort [2.1-BETA0][admin@pfSense.tld]/var/squid(8):
I can not interpret these errors.
.
-
I see that squid runs under root. Is it normal?
[2.1-BETA0][admin@pfSense.tld]/var/squid(17): ps ux |grep squid root 12374 0.0 0.8 9552 3984 ?? Is Sun11AM 0:00.01 /usr/pbi/squid-i38 root 10230 0.0 0.2 3536 1184 0 S+ 11:34AM 0:00.01 grep squid [2.1-BETA0][admin@pfSense.tld]/var/squid(18):
[2.1-BETA0][admin@pfSense.tld]/var/squid(19): cat /etc/passwd |grep squid [2.1-BETA0][admin@pfSense.tld]/var/squid(20): cat /etc/passwd | grep proxy proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin [2.1-BETA0][admin@pfSense.tld]/var/squid(21): cat /etc/group | grep squid [2.1-BETA0][admin@pfSense.tld]/var/squid(22): cat /etc/group | grep proxy proxy:*:62: [2.1-BETA0][admin@pfSense.tld]/var/squid(23):
In /usr/pbi/squid-i386/etc/squid/squid.conf the user and group are proxy
[2.1-BETA0][admin@pfSense.tld]/var/squid(23): cat /usr/pbi/squid-i386/etc/squid/squid.conf # This file is automatically generated by pfSense # Do not edit manually ! http_port 172.24.0.1:3128 http_port 127.0.0.1:3128 intercept icp_port 7 dns_v4_first off pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_default_language fr icon_directory /usr/pbi/squid-i386/etc/squid/icons visible_hostname aro-afo cache_mgr admin@localhost access_log /dev/null cache_log /var/squid/logs/cache.log cache_store_log none sslcrtd_children 0 logfile_rotate 15 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 172.24.0.0/24 uri_whitespace strip acl dynamic urlpath_regex cgi-bin \? cache deny dynamic cache_mem 256 MB maximum_object_size_in_memory 128 KB memory_replacement_policy lru cache_replacement_policy heap LFUDA cache_dir ufs /var/squid/cache 5000 16 256 minimum_object_size 0 KB maximum_object_size 20000 KB offline_mode offcache_swap_low 90 cache_swap_high 95 # No redirector configured #Remote proxies # Setup some default acls acl allsrc src all acl localhost src 127.0.0.1/32 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535 acl sslports port 443 563 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports # Always allow localhost connections http_access allow localhost quick_abort_min 0 KB quick_abort_max 0 KB request_body_max_size 0 KB delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 # Throttle extensions matched in the url acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl" delay_access 1 allow throttle_exts delay_access 1 deny allsrc # Reverse Proxy settings # Custom options # Setup allowed acls # Allow local network(s) on interface(s) http_access allow localnet # Default block all to be sure http_access deny allsrc [2.1-BETA0][admin@pfSense.tld]/var/squid(24):
-
"tail -f /var/squid/logs/access.log" stay empty. Nothing in this log-file.
Did you enabled squid logs on gui?
-
Enable logging is enabled.
In this time I do a update from 13 Nov to 17 Nov.
After this if I see some error I report it here.In this version caching dynamic content work?
-
Now, I have activities into /var/squid/logs/access.log with some HIT
The size given by du -h /var/squid/cache/ increase and decrease (decrease slowly), but is not in the maximum value get in GUI.
In GUI It put 3000Mo, yesterday "du -h" give 780Mo, today it is 757MoI can think that it work correctly.
I continue to view this work and install lightsquid in next week, and when it work normally, install squidguard too, but when a problem occurs, it is an other thread.
Thanks for help.
-
How to mark [solved] in subject?
-
Edit your first post in this subject and edit Subject field.. ;)
-
I want to note that in 2.1, squid3 seems not work with "dynamic content" checked.
Thanks for all.