Squid & SquidGuard won't start on pfSense 2.0.3

ternarybit

So, everything was working (and almost everything still is) on my pfSense 2.0.3 box.

Basically I started noticing obvious cache misses, and ultimately I found out that both squid and squidGuard stopped for some reason. I haven't modified my pfSense configuration at all recently, other than changing the webConfigurator from HTTP to HTTPS.

Here's what I've tried:

• Manually starting them via Services menu. This claims that the service has been started, but it the icon is still red saying stopped.
• Reinstalled both packages. Still doesn't start.
• I noticed a stale squid.pid file in /var/squid/log, so I deleted it. No dice.
• I couldn't find anything too obvious in the system logs. Here it is:

Jun 1 07:08:01 	check_reload_status: Syncing firewall
Jun 1 07:08:01 	squid: Bungled squid.conf line 70: reply_body_max_size 0 deny all
Jun 1 07:08:06 	php: /pkg_mgr_install.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was '2013/06/01 07:08:01| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:01| WARNING: For now we will assume you meant to write /24 2013/06/01 07:08:01| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:01| WARNING: For now we will assume you meant to write /24 2013/06/01 07:08:01| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'. 2013/06/01 07:08:01| SECURITY NOTICE: Overriding config setting. Using 'all' instead. 2013/06/01 07:08:01| WARNING: (B) '0.0.0.0/0' is a subnetwork of (A) '0.0.0.0/0' 2013/06/01 07:08:01| WARNING: because of this '0.0.0.0/0' is ignored to keep splay tree searching predictable 2013/06/01 07:08:01| WARNING: You should probably remove '0.0.0.0/0' from the ACL named 'all' 2013/06/01 07:08:01| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:01| W
Jun 1 07:08:06 	check_reload_status: Reloading filter
Jun 1 07:08:07 	php: /pkg_mgr_install.php: Beginning package installation for squid.
Jun 1 07:08:09 	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 1 07:08:09 	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 1 07:08:09 	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 1 07:08:09 	php: : Sending HUP signal to 18623
Jun 1 07:08:09 	ipfw-classifyd: Reloading config...
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: bittorrent (rule action block)
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: directconnect (rule action block)
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: edonkey (rule action block)
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: fasttrack (rule action block)
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: gnutella (rule action block)
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: imesh (rule action block)
Jun 1 07:08:09 	ipfw-classifyd: Loaded Protocol: worldofwarcraft (rule action block)
Jun 1 07:08:12 	check_reload_status: Syncing firewall
Jun 1 07:08:13 	php: /pkg_mgr_install.php: Stopping any running proxy monitors
Jun 1 07:08:14 	php: /pkg_mgr_install.php: Starting Squid
Jun 1 07:08:14 	php: /pkg_mgr_install.php: Starting a proxy monitor script
Jun 1 07:08:14 	squid: Bungled squid.conf line 70: reply_body_max_size 0 deny all
Jun 1 07:08:15 	php: /pkg_mgr_install.php: Starting Squid
Jun 1 07:08:15 	squid: Bungled squid.conf line 70: reply_body_max_size 0 deny all
Jun 1 07:08:15 	php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -D' returned exit code '1', the output was '2013/06/01 07:08:15| WARNING: -D command-line option is obsolete. 2013/06/01 07:08:15| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:15| WARNING: For now we will assume you meant to write /24 2013/06/01 07:08:15| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:15| WARNING: For now we will assume you meant to write /24 2013/06/01 07:08:15| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'. 2013/06/01 07:08:15| SECURITY NOTICE: Overriding config setting. Using 'all' instead. 2013/06/01 07:08:15| WARNING: (B) '0.0.0.0/0' is a subnetwork of (A) '0.0.0.0/0' 2013/06/01 07:08:15| WARNING: because of this '0.0.0.0/0' is ignored to keep splay tree searching predictable 2013/06/01 07:08:15| WARNING: You should probably remove '0.0.0.0/0' from the ACL named 'all' 2013/06/01 07:08:15| WARNING: Netmasks are deprecat
Jun 1 07:08:19 	Squid_Alarm[53111]: Squid has exited. Reconfiguring filter.
Jun 1 07:08:19 	Squid_Alarm[53551]: Attempting restart...
Jun 1 07:08:19 	squid: Bungled squid.conf line 70: reply_body_max_size 0 deny all
Jun 1 07:08:25 	check_reload_status: Reloading filter
Jun 1 07:08:26 	php: /pkg_mgr_install.php: Starting Squid
Jun 1 07:08:26 	squid: Bungled squid.conf line 70: reply_body_max_size 0 deny all
Jun 1 07:08:26 	php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -D' returned exit code '1', the output was '2013/06/01 07:08:26| WARNING: -D command-line option is obsolete. 2013/06/01 07:08:26| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:26| WARNING: For now we will assume you meant to write /24 2013/06/01 07:08:26| WARNING: Netmasks are deprecated. Please use CIDR masks instead. 2013/06/01 07:08:26| WARNING: For now we will assume you meant to write /24 2013/06/01 07:08:26| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'. 2013/06/01 07:08:26| SECURITY NOTICE: Overriding config setting. Using 'all' instead. 2013/06/01 07:08:26| WARNING: (B) '0.0.0.0/0' is a subnetwork of (A) '0.0.0.0/0' 2013/06/01 07:08:26| WARNING: because of this '0.0.0.0/0' is ignored to keep splay tree searching predictable 2013/06/01 07:08:26| WARNING: You should probably remove '0.0.0.0/0' from the ACL named 'all' 2013/06/01 07:08:26| WARNING: Netmasks are deprecat
Jun 1 07:08:27 	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 1 07:08:28 	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 1 07:08:28 	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 1 07:08:28 	php: : Sending HUP signal to 18623
Jun 1 07:08:36 	check_reload_status: Reloading filter
Jun 1 07:08:36 	check_reload_status: Syncing firewall
Jun 1 07:08:38 	php: : SQUID is installed but not started. Not installing "nat" rules.
Jun 1 07:08:39 	php: : SQUID is installed but not started. Not installing "pfearly" rules.
Jun 1 07:08:39 	php: : SQUID is installed but not started. Not installing "filter" rules.
Jun 1 07:08:39 	php: : Sending HUP signal to 18623
Jun 1 07:08:40 	ipfw-classifyd: Reloading config...
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: bittorrent (rule action block)
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: directconnect (rule action block)
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: edonkey (rule action block)
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: fasttrack (rule action block)
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: gnutella (rule action block)
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: imesh (rule action block)
Jun 1 07:08:40 	ipfw-classifyd: Loaded Protocol: worldofwarcraft (rule action block)

marcelloc

What version of squid are you using?

ternarybit

@marcelloc:

What version of squid are you using?

Squid: 2.7.9 pkg v.4.3.3
squidGuard: 1.4_4 pkg v.1.9.4

ternarybit

The only questionable line I see in the logs is:

squid: Bungled squid.conf line 70: reply_body_max_size 0 deny all

But I did not manually input this directive, and it doesn't say that it's a fatal error. Further, squid used to work just fine!

Any ideas?

Thanks in advance!

pftdm007

I also have problems with Squid (same version as yours) and SG.  My problems are a bit different (about 8 or 9 instances of squidguard running at the same time hence killing the machine) but I believe there is something with 2.0.3 and squid 2.7.9 pkg v.4.3.3 / squidGuard 1.4_4 pkg v.1.9.4

I am not used to FreeBSD at all…. therefore I am not sure what to do to troubleshoot this..

srk3461

Guys, even i'm having the same issue, been using a squid and squidguard for over a month with no problem, now all of a sudden both stopped working outta nowhere. using squid 2.7.9 pkg v.4.3.3 and squidguard 1.4_4 pkg v.1.9.4 on 2.0.3 i386.

The only thing I see on system logs related to squid is "php: : The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '2', the output was 'squid: ERROR: No running copy /usr/local/etc/rc.d/squid.sh: cannot create /dev/null: Operation not supported /usr/local/etc/rc.d/squid.sh: cannot create /dev/null: Operation not supported'"

I tried to manually create that null folder through the shell by 8, but it gives me a error saying "operation not supported"

Any ideas!?

ternarybit

The most recent system-wide change I made before the problems was upgrading from 2.0.2 to 2.0.3. Maybe a regression?

srk3461

@srk3461:

Guys, even i'm having the same issue, been using a squid and squidguard for over a month with no problem, now all of a sudden both stopped working outta nowhere. using squid 2.7.9 pkg v.4.3.3 and squidguard 1.4_4 pkg v.1.9.4 on 2.0.3 i386.

The only thing I see on system logs related to squid is "php: : The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '2', the output was 'squid: ERROR: No running copy /usr/local/etc/rc.d/squid.sh: cannot create /dev/null: Operation not supported /usr/local/etc/rc.d/squid.sh: cannot create /dev/null: Operation not supported'"

I tried to manually create that null folder through the shell by 8, but it gives me a error saying "operation not supported"

Any ideas!?

Weird but it's fixed.. i had to manually reboot my system pfsense :-) b'cos it just wouldn't reboot when i click it!

ternarybit

I tried to start over by removing the squid package and trying both squid3 and squid3-dev (not at the same time). Both of these services would start, but transparent proxying didn't.

I re-installed 2.7.9, which completes without error, but I get this in the logs when I try to start the service:

php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was '/usr/local/etc/rc.d/squid.sh: /usr/local/sbin/squid: not found'

jimp

It's apparently still missing files.

Remove all traces of squid and squidGuard from System > Packages.

From the shell:
pkg_delete *squid*

Then reinstall what you want.

ternarybit

@jimp:

It's apparently still missing files.

Remove all traces of squid and squidGuard from System > Packages.

From the shell:
pkg_delete *squid*

Then reinstall what you want.

It worked :) thank you!