Advanced pfSense setup help. (Multi-package setup issues)

Claw22000

I've spent the last few days playing around with pfSense. Absolutely love it! This is exactly what I have been looking for. I have an Autistic Nephew that likes to put viruses on my computers as well as watch porn (hes 12). So a friend recommended pfSense.

Now down to my issues.

I installed with no hassle no problem on my old server box its a Duel Pentium 4 2.4Ghz with 2 Gigs of ram and a 20 Gig Drive. I have a larger drive but felt this was all that was needed.

I added the havp along with the widgets with no problems and tested it. Awesome results!

I installed Squid3 and got it all setup the way I like it no problem. Set havp to Parent for Squid and all is well.

Setup users, Captive portal, Groups, Mac Pass through for all my devices (i.e Satelite TV ect) setup my DDWRT routers as switches for the wireless. Reconfigured my IP security camera to work with the new NAT (port forwarding). As well as my 2 slingboxes, Wii, Xbox360, cell phones and tablet.

Needless to say I really don't want to reinstall to make my needs happen.

With all this in mind.

After a bit of study I installed Squidguard to use as a porn blocking tool. followed the best instructions I could find (I read many different howtos and watched youtube vids ect).

I could not get the squidguard to start. I went back through all the settings, forums, howtos, youtube, google and so on. nothing I found worked. I then came across and old post suggesting a reboot. Though well I'll give it a shot. Squid3 and Squidguard would not start. Both services were down. I tried reinstalling the package and still would not come back up.

I uninstalled both packages and reinstalled squid3 and its back up.

I would really like to get a filter in for porn and a few extras I saw in the list while I was configuring Squidguard.

If someone could please help I would really appreciate it.

Thanks in advance for taking the time to consider my request.

DrClaw

Gloom

A little more info please.
Is squid set to transparent mode
Is there anything in the system logs when you try to start squid/squidguard
Which interface have you got havp bound to and what port

Claw22000

@Gloom:

A little more info please.
Is squid set to transparent mode
Is there anything in the system logs when you try to start squid/squidguard
Which interface have you got havp bound to and what port

Thats for the reply sorry I'm new to pfSense so I didn't know really where to get the best info to post.

Squid is in transparent mode.

havp is on LAN bound to 3125

so I don't really know which log to get you but here is what I think I should post.

(System Log)

php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 00:54:55 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 00:55:05 check_reload_status: Reloading filter
Sep 3 00:55:05 php: : Not calling package sync code for dependency squidreverse of squid3 because some include files are missing.
Sep 3 00:55:07 php: : Starting Squid
Sep 3 00:55:07 squid[48352]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 00:55:07 php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 00:55:08 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 00:55:08 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 00:55:08 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 00:55:17 check_reload_status: Reloading filter
Sep 3 00:55:19 php: : Starting Squid
Sep 3 00:55:19 squid[57178]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 00:55:19 php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 00:55:20 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 00:55:20 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 00:55:20 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 00:55:29 check_reload_status: Reloading filter
Sep 3 00:55:31 php: : No pfBlocker action during boot process.
Sep 3 00:55:31 php: : No pfBlocker action during boot process.
Sep 3 00:55:31 php: : No pfBlocker action during boot process.
Sep 3 00:55:31 php: : No pfBlocker action during boot process.
Sep 3 00:55:32 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 00:55:32 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 00:55:32 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 00:55:36 php: : Starting Squid
Sep 3 00:55:36 squid[5713]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 00:55:36 php: : The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 00:55:46 check_reload_status: Reloading filter
Sep 3 00:55:47 check_reload_status: Syncing firewall
Sep 3 00:55:49 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 00:55:49 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 00:55:49 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 00:55:49 squid[35344]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 00:55:50 php: : IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
Sep 3 00:55:51 login: login on ttyv1 as root
Sep 3 00:55:51 login: login on ttyv0 as root
Sep 3 00:55:51 sshlockout[40923]: sshlockout/webConfigurator v3.0 starting up
Sep 3 00:55:54 Squid_Alarm[49807]: Squid has exited. Reconfiguring filter.
Sep 3 00:55:54 Squid_Alarm[50125]: Attempting restart…
Sep 3 00:55:54 squid[51082]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:01:01 php: : DynDns: updatedns() starting
Sep 3 01:01:01 php: : DynDns debug information: 24.118.3.142 extracted from local system.
Sep 3 01:01:01 php: : DynDns: Current WAN IP: 24.118.3.142 Cached IP: 24.118.3.142
Sep 3 01:01:01 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Sep 3 01:03:33 check_reload_status: Syncing firewall
Sep 3 01:03:33 squid[8257]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:03:38 php: /pkg_mgr_install.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 01:03:39 check_reload_status: Reloading filter
Sep 3 01:03:39 php: /pkg_mgr_install.php: Beginning package installation for squid3.
Sep 3 01:03:41 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 01:03:41 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 01:03:43 check_reload_status: Syncing firewall
Sep 3 01:03:45 php: /pkg_mgr_install.php: Stopping any running proxy monitors
Sep 3 01:03:46 php: /pkg_mgr_install.php: Starting Squid
Sep 3 01:03:46 php: /pkg_mgr_install.php: Starting a proxy monitor script
Sep 3 01:03:46 squid[22008]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:03:49 php: /pkg_mgr_install.php: Starting Squid
Sep 3 01:03:49 squid[27244]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:03:49 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 01:03:51 Squid_Alarm[28799]: Squid has exited. Reconfiguring filter.
Sep 3 01:03:51 Squid_Alarm[29134]: Attempting restart…
Sep 3 01:03:51 squid[30102]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:03:59 check_reload_status: Reloading filter
Sep 3 01:04:02 php: /pkg_mgr_install.php: Starting Squid
Sep 3 01:04:02 squid[52354]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:04:02 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 01:04:02 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 01:04:03 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 01:04:03 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 01:04:12 check_reload_status: Reloading filter
Sep 3 01:04:12 check_reload_status: Syncing firewall
Sep 3 01:04:15 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 01:04:15 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 01:04:15 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 01:05:14 php: /pkg_edit.php: Starting Squid
Sep 3 01:05:14 squid[23348]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:05:14 php: /pkg_edit.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 01:05:24 check_reload_status: Reloading filter
Sep 3 01:05:24 check_reload_status: Syncing firewall
Sep 3 01:05:27 php: /pkg_edit.php: Starting Squid
Sep 3 01:05:27 squid[28787]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:05:27 php: /pkg_edit.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 01:05:27 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 01:05:27 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 01:05:27 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 01:05:37 check_reload_status: Reloading filter
Sep 3 01:05:40 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 01:05:40 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 01:05:40 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 01:05:48 squid[40043]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:05:53 php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 01:05:55 squid[41847]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 01:19:34 check_reload_status: Syncing firewall
Sep 3 01:19:55 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 01:19:55 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 01:19:55 sasldblistusers2: SQL engine 'mysql' not supported
Sep 3 01:19:55 sasldblistusers2: SQL engine 'mysql' not supported
Sep 3 01:19:55 sasldblistusers2: auxpropfunc error no mechanism available
Sep 3 01:19:55 sasldblistusers2: auxpropfunc error no mechanism available
Sep 3 01:19:57 check_reload_status: Syncing firewall
Sep 3 01:19:59 php: /pkg_mgr_install.php: Starting Squid
Sep 3 01:19:59 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf' returned exit code '127', the output was '/usr/local/sbin/squid: not found'
Sep 3 01:20:09 check_reload_status: Reloading filter
Sep 3 01:20:09 check_reload_status: Syncing firewall
Sep 3 01:20:11 php: : SQUID is installed but not started. Not installing "nat" rules.
Sep 3 01:20:11 php: : SQUID is installed but not started. Not installing "pfearly" rules.
Sep 3 01:20:12 php: : SQUID is installed but not started. Not installing "filter" rules.
Sep 3 01:21:29 php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was '/usr/local/etc/rc.d/squid.sh: /usr/local/sbin/squid: not found'
Sep 3 01:21:55 check_reload_status: Syncing firewall
Sep 3 01:22:22 php: /pkg_mgr_install.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was '/usr/local/etc/rc.d/squid.sh: /usr/local/sbin/squid: not found'
Sep 3 01:22:23 check_reload_status: Syncing firewall
Sep 3 01:22:23 check_reload_status: Reloading filter
Sep 3 01:24:25 check_reload_status: Syncing firewall
Sep 3 01:24:25 php: /pkg_edit.php: Starting HAVP
Sep 3 01:24:26 check_reload_status: Reloading filter
Sep 3 01:24:28 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:24:28 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:24:28 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:24:30 havp[57522]: === Starting HAVP Version: 0.91
Sep 3 01:24:30 havp[57522]: === Mandatory locking disabled! KEEPBACK settings not used!
Sep 3 01:24:30 havp[57522]: Running as user: havp, group: havp
Sep 3 01:24:30 havp[57522]: Use transparent proxy mode
Sep 3 01:24:30 havp[57522]: –- Initializing Clamd Socket Scanner
Sep 3 01:24:30 havp[57522]: Clamd Socket Scanner passed EICAR virus test (Eicar-Test-Signature)
Sep 3 01:24:30 havp[57522]: –- All scanners initialized
Sep 3 01:24:30 havp[57869]: Process ID: 57869
Sep 3 01:26:59 check_reload_status: Syncing firewall
Sep 3 01:26:59 php: /pkg_mgr_install.php: Beginning package installation for squid3.
Sep 3 01:28:37 check_reload_status: Syncing firewall
Sep 3 01:28:40 php: /pkg_mgr_install.php: Stopping any running proxy monitors
Sep 3 01:28:41 php: /pkg_mgr_install.php: Starting Squid
Sep 3 01:28:41 php: /pkg_mgr_install.php: Starting a proxy monitor script
Sep 3 01:28:41 check_reload_status: Reloading filter
Sep 3 01:28:41 squid[45154]: Squid Parent: child process 45659 started
Sep 3 01:28:43 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:28:43 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:28:44 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:30:14 check_reload_status: Syncing firewall
Sep 3 01:30:14 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 3 01:30:14 check_reload_status: Reloading filter
Sep 3 01:30:16 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 3 01:30:17 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:30:17 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:30:17 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:30:40 check_reload_status: Syncing firewall
Sep 3 01:30:42 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 3 01:30:43 check_reload_status: Reloading filter
Sep 3 01:30:45 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:30:46 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:30:46 php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode.
Sep 3 01:31:04 check_reload_status: Syncing firewall
Sep 3 01:31:04 php: /pkg_edit.php: Starting HAVP
Sep 3 01:31:07 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 3 01:31:07 check_reload_status: Reloading filter
Sep 3 01:31:08 havp[27752]: === Starting HAVP Version: 0.91
Sep 3 01:31:08 havp[27752]: === Mandatory locking disabled! KEEPBACK settings not used!
Sep 3 01:31:08 havp[27752]: Running as user: havp, group: havp
Sep 3 01:31:08 havp[27752]: –- Initializing Clamd Socket Scanner
Sep 3 01:31:08 havp[27752]: Clamd Socket Scanner passed EICAR virus test (Eicar-Test-Signature)
Sep 3 01:31:08 havp[27752]: –- All scanners initialized
Sep 3 01:31:08 havp[28041]: Process ID: 28041
Sep 3 01:33:02 check_reload_status: Syncing firewall
Sep 3 01:40:40 check_reload_status: Syncing firewall
Sep 3 01:40:47 php: /pkg_mgr_install.php: No pfBlocker action during boot process.
Sep 3 01:40:48 check_reload_status: Reloading filter
Sep 3 11:11:03 php: /index.php: Successful webConfigurator login for user 'claw' from 192.168.1.20
Sep 3 11:11:03 php: /index.php: Successful webConfigurator login for user 'claw' from 192.168.1.20
Sep 3 11:29:12 check_reload_status: Syncing firewall
Sep 3 11:29:12 php: /pkg_mgr_install.php: Beginning package installation for squidGuard.
Sep 3 11:29:19 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 11:29:19 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 11:29:19 saslpasswd2: SQL engine 'mysql' not supported
Sep 3 11:29:19 saslpasswd2: SQL engine 'mysql' not supported
Sep 3 11:29:19 saslpasswd2: auxpropfunc error no mechanism available
Sep 3 11:29:19 saslpasswd2: auxpropfunc error no mechanism available
Sep 3 11:29:19 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 11:29:19 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 11:29:19 sasldblistusers2: SQL engine 'mysql' not supported
Sep 3 11:29:19 sasldblistusers2: SQL engine 'mysql' not supported
Sep 3 11:29:19 sasldblistusers2: auxpropfunc error no mechanism available
Sep 3 11:29:19 sasldblistusers2: auxpropfunc error no mechanism available
Sep 3 11:29:19 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 11:29:19 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.3: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.3"
Sep 3 11:29:19 saslpasswd2: SQL engine 'mysql' not supported
Sep 3 11:29:19 saslpasswd2: SQL engine 'mysql' not supported
Sep 3 11:29:19 saslpasswd2: auxpropfunc error no mechanism available
Sep 3 11:29:19 saslpasswd2: auxpropfunc error no mechanism available
Sep 3 11:30:30 check_reload_status: Syncing firewall
Sep 3 11:30:31 check_reload_status: Reloading filter
Sep 3 11:37:35 php: /index.php: Successful webConfigurator login for user 'claw' from 192.168.1.20
Sep 3 11:37:35 php: /index.php: Successful webConfigurator login for user 'claw' from 192.168.1.20
Sep 3 12:42:02 check_reload_status: Syncing firewall
Sep 3 12:42:05 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 3 12:42:05 squid[298]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 12:42:05 php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'
Sep 3 12:42:05 check_reload_status: Reloading filter
Sep 3 12:42:10 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 3 12:42:10 squid[13625]: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept
Sep 3 12:42:10 php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'

(SquidGuard Filter GUI Log)

03.09.2013 12:42:07 [squid_reconfigure] Add new redirector options to Squid config.
03.09.2013 12:42:07 [squid_reconfigure] Remove old redirector options from Squid config.
03.09.2013 12:42:07 [sg_reconfigure] Save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
03.09.2013 12:42:07 [sg_redirector_base_url] Select redirector base url (http://192.168.1.1:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
03.09.2013 12:42:07 [sg_create_config] Add Default
03.09.2013 12:42:07 [sg_create_config] Add ACL's: ClawAllowPass;
03.09.2013 12:42:07 [sg_create_config] Add rewrites: safesearch;
03.09.2013 12:42:07 [sg_create_config] Added: blk_BL_adv; blk_BL_aggressive; blk_BL_alcohol; blk_BL_anonvpn; blk_BL_automobile_bikes; blk_BL_automobile_boats; blk_BL_automobile_cars; blk_BL_automobile_planes; blk_BL_chat; blk_BL_costtraps; blk_BL_dating; blk_BL_downloads; blk_BL_drugs; blk_BL_dynamic; blk_BL_education_schools; blk_BL_finance_banking; blk_BL_finance_insurance; blk_BL_finance_moneylending; blk_BL_finance_other; blk_BL_finance_realestate; blk_BL_finance_trading; blk_BL_fortunetelling; blk_BL_forum; blk_BL_gamble; blk_BL_government; blk_BL_hacking; blk_BL_hobby_cooking; blk_BL_hobby_games-misc; blk_BL_hobby_games-online; blk_BL_hobby_gardening; blk_BL_hobby_pets; blk_BL_homestyle; blk_BL_hospitals; blk_BL_imagehosting; blk_BL_isp; blk_BL_jobsearch; blk_BL_library; blk_BL_military; blk_BL_models; blk_BL_movies; blk_BL_music; blk_BL_news; blk_BL_podcasts; blk_BL_politics; blk_BL_porn; blk_BL_radiotv; blk_BL_recreation_humor; blk_BL_recreation_martialarts; blk_BL_recreation_restaurants; blk_BL_recreation_sports; blk_BL_recreation_travel; blk_BL_recreation_wellness; blk_BL_redirector; blk_BL_religion; blk_BL_remotecontrol; blk_BL_ringtones; blk_BL_science_astronomy; blk_BL_science_chemistry; blk_BL_searchengines; blk_BL_sex_education; blk_BL_sex_lingerie; blk_BL_shopping; blk_BL_socialnet; blk_BL_spyware; blk_BL_tracker; blk_BL_updatesites; blk_BL_urlshortener; blk_BL_violence; blk_BL_warez; blk_BL_weapons; blk_BL_webmail; blk_BL_webphone; blk_BL_webradio; blk_BL_webtv; .
03.09.2013 12:42:07 [sg_create_config] Add blacklist entries
03.09.2013 12:42:07 [sg_create_config] Add sources: ClawAllowPass
03.09.2013 12:42:07 [sg_reconfigure_user_db] Warning User destinations list empty.
03.09.2013 12:42:07 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
03.09.2013 12:42:02 [squid_reconfigure] Add new redirector options to Squid config.
03.09.2013 12:42:02 [squid_reconfigure] Remove old redirector options from Squid config.
03.09.2013 12:42:02 [sg_reconfigure] Save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
03.09.2013 12:42:02 [sg_redirector_base_url] Select redirector base url (http://192.168.1.1:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
03.09.2013 12:42:02 [sg_create_config] Add Default
03.09.2013 12:42:02 [sg_create_config] Add ACL's: ClawAllowPass;
03.09.2013 12:42:02 [sg_create_config] Add rewrites: safesearch;
03.09.2013 12:42:02 [sg_create_config] Added: blk_BL_adv; blk_BL_aggressive; blk_BL_alcohol; blk_BL_anonvpn; blk_BL_automobile_bikes; blk_BL_automobile_boats; blk_BL_automobile_cars; blk_BL_automobile_planes; blk_BL_chat; blk_BL_costtraps; blk_BL_dating; blk_BL_downloads; blk_BL_drugs; blk_BL_dynamic; blk_BL_education_schools; blk_BL_finance_banking; blk_BL_finance_insurance; blk_BL_finance_moneylending; blk_BL_finance_other; blk_BL_finance_realestate; blk_BL_finance_trading; blk_BL_fortunetelling; blk_BL_forum; blk_BL_gamble; blk_BL_government; blk_BL_hacking; blk_BL_hobby_cooking; blk_BL_hobby_games-misc; blk_BL_hobby_games-online; blk_BL_hobby_gardening; blk_BL_hobby_pets; blk_BL_homestyle; blk_BL_hospitals; blk_BL_imagehosting; blk_BL_isp; blk_BL_jobsearch; blk_BL_library; blk_BL_military; blk_BL_models; blk_BL_movies; blk_BL_music; blk_BL_news; blk_BL_podcasts; blk_BL_politics; blk_BL_porn; blk_BL_radiotv; blk_BL_recreation_humor; blk_BL_recreation_martialarts; blk_BL_recreation_restaurants; blk_BL_recreation_sports; blk_BL_recreation_travel; blk_BL_recreation_wellness; blk_BL_redirector; blk_BL_religion; blk_BL_remotecontrol; blk_BL_ringtones; blk_BL_science_astronomy; blk_BL_science_chemistry; blk_BL_searchengines; blk_BL_sex_education; blk_BL_sex_lingerie; blk_BL_shopping; blk_BL_socialnet; blk_BL_spyware; blk_BL_tracker; blk_BL_updatesites; blk_BL_urlshortener; blk_BL_violence; blk_BL_warez; blk_BL_weapons; blk_BL_webmail; blk_BL_webphone; blk_BL_webradio; blk_BL_webtv; .
03.09.2013 12:42:02 [sg_create_config] Add blacklist entries
03.09.2013 12:42:02 [sg_create_config] Add sources: ClawAllowPass
03.09.2013 12:42:02 [sg_reconfigure_user_db] Warning User destinations list empty.
03.09.2013 12:42:02 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
03.09.2013 11:30:31 [squid_reconfigure] Add new redirector options to Squid config.
03.09.2013 11:30:31 [squid_reconfigure] Remove old redirector options from Squid config.
03.09.2013 11:30:31 [sg_reconfigure] Save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
03.09.2013 11:30:31 [sg_redirector_base_url] Select redirector base url (http://192.168.1.1:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
03.09.2013 11:30:31 [sg_create_config] Add Default
03.09.2013 11:30:31 [sg_create_config] Add ACL's: ClawAllowPass;
03.09.2013 11:30:31 [sg_create_config] Add rewrites: safesearch;
03.09.2013 11:30:31 [sg_create_config] Added: blk_BL_adv; blk_BL_aggressive; blk_BL_alcohol; blk_BL_anonvpn; blk_BL_automobile_bikes; blk_BL_automobile_boats; blk_BL_automobile_cars; blk_BL_automobile_planes; blk_BL_chat; blk_BL_costtraps; blk_BL_dating; blk_BL_downloads; blk_BL_drugs; blk_BL_dynamic; blk_BL_education_schools; blk_BL_finance_banking; blk_BL_finance_insurance; blk_BL_finance_moneylending; blk_BL_finance_other; blk_BL_finance_realestate; blk_BL_finance_trading; blk_BL_fortunetelling; blk_BL_forum; blk_BL_gamble; blk_BL_government; blk_BL_hacking; blk_BL_hobby_cooking; blk_BL_hobby_games-misc; blk_BL_hobby_games-online; blk_BL_hobby_gardening; blk_BL_hobby_pets; blk_BL_homestyle; blk_BL_hospitals; blk_BL_imagehosting; blk_BL_isp; blk_BL_jobsearch; blk_BL_library; blk_BL_military; blk_BL_models; blk_BL_movies; blk_BL_music; blk_BL_news; blk_BL_podcasts; blk_BL_politics; blk_BL_porn; blk_BL_radiotv; blk_BL_recreation_humor; blk_BL_recreation_martialarts; blk_BL_recreation_restaurants; blk_BL_recreation_sports; blk_BL_recreation_travel; blk_BL_recreation_wellness; blk_BL_redirector; blk_BL_religion; blk_BL_remotecontrol; blk_BL_ringtones; blk_BL_science_astronomy; blk_BL_science_chemistry; blk_BL_searchengines; blk_BL_sex_education; blk_BL_sex_lingerie; blk_BL_shopping; blk_BL_socialnet; blk_BL_spyware; blk_BL_tracker; blk_BL_updatesites; blk_BL_urlshortener; blk_BL_violence; blk_BL_warez; blk_BL_weapons; blk_BL_webmail; blk_BL_webphone; blk_BL_webradio; blk_BL_webtv; .
03.09.2013 11:30:31 [sg_create_config] Add blacklist entries
03.09.2013 11:30:31 [sg_create_config] Add sources: ClawAllowPass
03.09.2013 11:30:31 [sg_reconfigure_user_db] Warning User destinations list empty.
03.09.2013 11:30:31 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
03.09.2013 11:30:30 [squid_reconfigure] Add new redirector options to Squid config.
03.09.2013 11:30:30 [squid_reconfigure] Remove old redirector options from Squid config.
03.09.2013 11:30:30 [sg_reconfigure] Save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
03.09.2013 11:30:30 [sg_redirector_base_url] Select redirector base url (http://192.168.1.1:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
03.09.2013 11:30:30 [sg_create_config] Add Default
03.09.2013 11:30:30 [sg_create_config] Add ACL's: ClawAllowPass;
03.09.2013 11:30:30 [sg_create_config] Add rewrites: safesearch;
03.09.2013 11:30:30 [sg_create_config] Added: blk_BL_adv; blk_BL_aggressive; blk_BL_alcohol; blk_BL_anonvpn; blk_BL_automobile_bikes; blk_BL_automobile_boats; blk_BL_automobile_cars; blk_BL_automobile_planes; blk_BL_chat; blk_BL_costtraps; blk_BL_dating; blk_BL_downloads; blk_BL_drugs; blk_BL_dynamic; blk_BL_education_schools; blk_BL_finance_banking; blk_BL_finance_insurance; blk_BL_finance_moneylending; blk_BL_finance_other; blk_BL_finance_realestate; blk_BL_finance_trading; blk_BL_fortunetelling; blk_BL_forum; blk_BL_gamble; blk_BL_government; blk_BL_hacking; blk_BL_hobby_cooking; blk_BL_hobby_games-misc; blk_BL_hobby_games-online; blk_BL_hobby_gardening; blk_BL_hobby_pets; blk_BL_homestyle; blk_BL_hospitals; blk_BL_imagehosting; blk_BL_isp; blk_BL_jobsearch; blk_BL_library; blk_BL_military; blk_BL_models; blk_BL_movies; blk_BL_music; blk_BL_news; blk_BL_podcasts; blk_BL_politics; blk_BL_porn; blk_BL_radiotv; blk_BL_recreation_humor; blk_BL_recreation_martialarts; blk_BL_recreation_restaurants; blk_BL_recreation_sports; blk_BL_recreation_travel; blk_BL_recreation_wellness; blk_BL_redirector; blk_BL_religion; blk_BL_remotecontrol; blk_BL_ringtones; blk_BL_science_astronomy; blk_BL_science_chemistry; blk_BL_searchengines; blk_BL_sex_education; blk_BL_sex_lingerie; blk_BL_shopping; blk_BL_socialnet; blk_BL_spyware; blk_BL_tracker; blk_BL_updatesites; blk_BL_urlshortener; blk_BL_violence; blk_BL_warez; blk_BL_weapons; blk_BL_webmail; blk_BL_webphone; blk_BL_webradio; blk_BL_webtv; .
03.09.2013 11:30:30 [sg_create_config] Add blacklist entries
03.09.2013 11:30:30 [sg_create_config] Add sources: ClawAllowPass
03.09.2013 11:30:30 [sg_reconfigure_user_db] Warning User destinations list empty.
03.09.2013 11:30:30 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
03.09.2013 11:30:30 [squid_reconfigure] Add new redirector options to Squid config.
03.09.2013 11:30:30 [squid_reconfigure] Remove old redirector options from Squid config.

(SquidGuard Filter Log)

02.09.2013 18:14:48 squidGuard stopped (1378163688.008)
02.09.2013 18:14:48 db update done

(SquidGuard Proxy Config

This file is automatically generated by pfSense

Do not edit manually !

http_port 192.168.1.1:3128
http_port 127.0.0.1:3128 intercept
icp_port 7
dns_v4_first on
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_default_language en
icon_directory /usr/local/etc/squid/icons
visible_hostname proxy.OuterNet.localhost
cache_mgr kunjmail@comcast.net
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 31
shutdown_lifetime 3 seconds

Allow local network(s) on interface(s)

acl localnet src 192.168.1.0/24
httpd_suppress_version_string on
uri_whitespace strip

acl dynamic urlpath_regex cgi-bin ?
cache deny dynamic
cache_mem 128 MB
maximum_object_size_in_memory 5120 KB
memory_replacement_policy heap LFUDA
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 14000 16 256
minimum_object_size 0 KB
maximum_object_size 102400 KB
offline_mode offcache_swap_low 90
cache_swap_high 95

No redirector configured

#Remote proxies

Setup some default acls

acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT

Define protocols used for redirects

acl HTTP proto HTTP
acl HTTPS proto HTTPS

http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allsrc

Reverse Proxy settings

Package Integration

never_direct allow all
cache_peer 127.0.0.1 parent 3125 0 name=havp no-query no-digest no-netdb-exchange default

redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass off
url_rewrite_children 5

Custom options

Setup allowed acls

Allow local network(s) on interface(s)

http_access allow localnet

Default block all to be sure

http_access deny allsrc

(SquidGuard Filter Config)

============================================================

SquidGuard configuration file

This file generated automaticly with SquidGuard configurator

(C)2006 Serg Dvoriancev

email: dv_serg@mail.ru

============================================================

logdir /var/squidGuard/log
dbhome /var/db/squidGuard

src ClawAllowPass {
ip 192.168.1.20
}

dest blk_BL_adv {
domainlist blk_BL_adv/domains
urllist blk_BL_adv/urls
log block.log
}

dest blk_BL_aggressive {
domainlist blk_BL_aggressive/domains
urllist blk_BL_aggressive/urls
log block.log
}

dest blk_BL_alcohol {
domainlist blk_BL_alcohol/domains
urllist blk_BL_alcohol/urls
log block.log
}

dest blk_BL_anonvpn {
domainlist blk_BL_anonvpn/domains
urllist blk_BL_anonvpn/urls
log block.log
}

dest blk_BL_automobile_bikes {
domainlist blk_BL_automobile_bikes/domains
urllist blk_BL_automobile_bikes/urls
log block.log
}

dest blk_BL_automobile_boats {
domainlist blk_BL_automobile_boats/domains
urllist blk_BL_automobile_boats/urls
log block.log
}

dest blk_BL_automobile_cars {
domainlist blk_BL_automobile_cars/domains
urllist blk_BL_automobile_cars/urls
log block.log
}

dest blk_BL_automobile_planes {
domainlist blk_BL_automobile_planes/domains
urllist blk_BL_automobile_planes/urls
log block.log
}

dest blk_BL_chat {
domainlist blk_BL_chat/domains
urllist blk_BL_chat/urls
log block.log
}

dest blk_BL_costtraps {
domainlist blk_BL_costtraps/domains
urllist blk_BL_costtraps/urls
log block.log
}

dest blk_BL_dating {
domainlist blk_BL_dating/domains
urllist blk_BL_dating/urls
log block.log
}

dest blk_BL_downloads {
domainlist blk_BL_downloads/domains
urllist blk_BL_downloads/urls
log block.log
}

dest blk_BL_drugs {
domainlist blk_BL_drugs/domains
urllist blk_BL_drugs/urls
log block.log
}

dest blk_BL_dynamic {
domainlist blk_BL_dynamic/domains
urllist blk_BL_dynamic/urls
log block.log
}

dest blk_BL_education_schools {
domainlist blk_BL_education_schools/domains
urllist blk_BL_education_schools/urls
log block.log
}

dest blk_BL_finance_banking {
domainlist blk_BL_finance_banking/domains
urllist blk_BL_finance_banking/urls
log block.log
}

dest blk_BL_finance_insurance {
domainlist blk_BL_finance_insurance/domains
urllist blk_BL_finance_insurance/urls
log block.log
}

dest blk_BL_finance_moneylending {
domainlist blk_BL_finance_moneylending/domains
urllist blk_BL_finance_moneylending/urls
log block.log
}

dest blk_BL_finance_other {
domainlist blk_BL_finance_other/domains
urllist blk_BL_finance_other/urls
log block.log
}

dest blk_BL_finance_realestate {
domainlist blk_BL_finance_realestate/domains
urllist blk_BL_finance_realestate/urls
log block.log
}

dest blk_BL_finance_trading {
domainlist blk_BL_finance_trading/domains
urllist blk_BL_finance_trading/urls
log block.log
}

dest blk_BL_fortunetelling {
domainlist blk_BL_fortunetelling/domains
urllist blk_BL_fortunetelling/urls
log block.log
}

dest blk_BL_forum {
domainlist blk_BL_forum/domains
urllist blk_BL_forum/urls
log block.log
}

dest blk_BL_gamble {
domainlist blk_BL_gamble/domains
urllist blk_BL_gamble/urls
log block.log
}

dest blk_BL_government {
domainlist blk_BL_government/domains
urllist blk_BL_government/urls
log block.log
}

dest blk_BL_hacking {
domainlist blk_BL_hacking/domains
urllist blk_BL_hacking/urls
log block.log
}

dest blk_BL_hobby_cooking {
domainlist blk_BL_hobby_cooking/domains
urllist blk_BL_hobby_cooking/urls
log block.log
}

dest blk_BL_hobby_games-misc {
domainlist blk_BL_hobby_games-misc/domains
urllist blk_BL_hobby_games-misc/urls
log block.log
}

dest blk_BL_hobby_games-online {
domainlist blk_BL_hobby_games-online/domains
urllist blk_BL_hobby_games-online/urls
log block.log
}

dest blk_BL_hobby_gardening {
domainlist blk_BL_hobby_gardening/domains
urllist blk_BL_hobby_gardening/urls
log block.log
}

dest blk_BL_hobby_pets {
domainlist blk_BL_hobby_pets/domains
urllist blk_BL_hobby_pets/urls
log block.log
}

dest blk_BL_homestyle {
domainlist blk_BL_homestyle/domains
urllist blk_BL_homestyle/urls
log block.log
}

dest blk_BL_hospitals {
domainlist blk_BL_hospitals/domains
urllist blk_BL_hospitals/urls
log block.log
}

dest blk_BL_imagehosting {
domainlist blk_BL_imagehosting/domains
urllist blk_BL_imagehosting/urls
log block.log
}

dest blk_BL_isp {
domainlist blk_BL_isp/domains
urllist blk_BL_isp/urls
log block.log
}

dest blk_BL_jobsearch {
domainlist blk_BL_jobsearch/domains
urllist blk_BL_jobsearch/urls
log block.log
}

dest blk_BL_library {
domainlist blk_BL_library/domains
urllist blk_BL_library/urls
log block.log
}

dest blk_BL_military {
domainlist blk_BL_military/domains
urllist blk_BL_military/urls
log block.log
}

dest blk_BL_models {
domainlist blk_BL_models/domains
urllist blk_BL_models/urls
log block.log
}

dest blk_BL_movies {
domainlist blk_BL_movies/domains
urllist blk_BL_movies/urls
log block.log
}

dest blk_BL_music {
domainlist blk_BL_music/domains
urllist blk_BL_music/urls
log block.log
}

dest blk_BL_news {
domainlist blk_BL_news/domains
urllist blk_BL_news/urls
log block.log
}

dest blk_BL_podcasts {
domainlist blk_BL_podcasts/domains
urllist blk_BL_podcasts/urls
log block.log
}

dest blk_BL_politics {
domainlist blk_BL_politics/domains
urllist blk_BL_politics/urls
log block.log
}

dest blk_BL_porn {
domainlist blk_BL_porn/domains
urllist blk_BL_porn/urls
log block.log
}

dest blk_BL_radiotv {
domainlist blk_BL_radiotv/domains
urllist blk_BL_radiotv/urls
log block.log
}

dest blk_BL_recreation_humor {
domainlist blk_BL_recreation_humor/domains
urllist blk_BL_recreation_humor/urls
log block.log
}

dest blk_BL_recreation_martialarts {
domainlist blk_BL_recreation_martialarts/domains
urllist blk_BL_recreation_martialarts/urls
log block.log
}

dest blk_BL_recreation_restaurants {
domainlist blk_BL_recreation_restaurants/domains
urllist blk_BL_recreation_restaurants/urls
log block.log
}

dest blk_BL_recreation_sports {
domainlist blk_BL_recreation_sports/domains
urllist blk_BL_recreation_sports/urls
log block.log
}

dest blk_BL_recreation_travel {
domainlist blk_BL_recreation_travel/domains
urllist blk_BL_recreation_travel/urls
log block.log
}

dest blk_BL_recreation_wellness {
domainlist blk_BL_recreation_wellness/domains
urllist blk_BL_recreation_wellness/urls
log block.log
}

dest blk_BL_redirector {
domainlist blk_BL_redirector/domains
urllist blk_BL_redirector/urls
log block.log
}

dest blk_BL_religion {
domainlist blk_BL_religion/domains
urllist blk_BL_religion/urls
log block.log
}

dest blk_BL_remotecontrol {
domainlist blk_BL_remotecontrol/domains
urllist blk_BL_remotecontrol/urls
log block.log
}

dest blk_BL_ringtones {
domainlist blk_BL_ringtones/domains
urllist blk_BL_ringtones/urls
log block.log
}

dest blk_BL_science_astronomy {
domainlist blk_BL_science_astronomy/domains
urllist blk_BL_science_astronomy/urls
log block.log
}

dest blk_BL_science_chemistry {
domainlist blk_BL_science_chemistry/domains
urllist blk_BL_science_chemistry/urls
log block.log
}

dest blk_BL_searchengines {
domainlist blk_BL_searchengines/domains
urllist blk_BL_searchengines/urls
log block.log
}

dest blk_BL_sex_education {
domainlist blk_BL_sex_education/domains
urllist blk_BL_sex_education/urls
log block.log
}

dest blk_BL_sex_lingerie {
domainlist blk_BL_sex_lingerie/domains
urllist blk_BL_sex_lingerie/urls
log block.log
}

dest blk_BL_shopping {
domainlist blk_BL_shopping/domains
urllist blk_BL_shopping/urls
log block.log
}

dest blk_BL_socialnet {
domainlist blk_BL_socialnet/domains
urllist blk_BL_socialnet/urls
log block.log
}

dest blk_BL_spyware {
domainlist blk_BL_spyware/domains
urllist blk_BL_spyware/urls
log block.log
}

dest blk_BL_tracker {
domainlist blk_BL_tracker/domains
urllist blk_BL_tracker/urls
log block.log
}

dest blk_BL_updatesites {
domainlist blk_BL_updatesites/domains
urllist blk_BL_updatesites/urls
log block.log
}

dest blk_BL_urlshortener {
domainlist blk_BL_urlshortener/domains
urllist blk_BL_urlshortener/urls
log block.log
}

dest blk_BL_violence {
domainlist blk_BL_violence/domains
urllist blk_BL_violence/urls
log block.log
}

dest blk_BL_warez {
domainlist blk_BL_warez/domains
urllist blk_BL_warez/urls
log block.log
}

dest blk_BL_weapons {
domainlist blk_BL_weapons/domains
urllist blk_BL_weapons/urls
log block.log
}

dest blk_BL_webmail {
domainlist blk_BL_webmail/domains
urllist blk_BL_webmail/urls
log block.log
}

dest blk_BL_webphone {
domainlist blk_BL_webphone/domains
urllist blk_BL_webphone/urls
log block.log
}

dest blk_BL_webradio {
domainlist blk_BL_webradio/domains
urllist blk_BL_webradio/urls
log block.log
}

dest blk_BL_webtv {
domainlist blk_BL_webtv/domains
urllist blk_BL_webtv/urls
log block.log
}

rew safesearch {
s@(google../search?.q=.)@&safe=active@i
s@(google../images.q=.)@&safe=active@i
s@(google../groups.q=.)@&safe=active@i
s@(google../news.q=.)@&safe=active@i
s@(yandex../yandsearch?.text=.)@&fyandex=1@i
s@(search.yahoo../search.p=.)@&vm=r&v=1@i
s@(search.live../.q=.)@&adlt=strict@i
s@(search.msn../.q=.)@&adlt=strict@i
s@(.bing..*/.q=.)@&adlt=strict@i
log block.log
}

acl {

ClawAllowPass {
pass all
}

default {
pass !in-addr !blk_BL_porn !blk_BL_redirector !blk_BL_spyware blk_BL_adv blk_BL_aggressive blk_BL_alcohol blk_BL_anonvpn blk_BL_automobile_bikes blk_BL_automobile_boats blk_BL_automobile_cars blk_BL_automobile_planes blk_BL_chat blk_BL_costtraps blk_BL_dating blk_BL_downloads blk_BL_drugs blk_BL_dynamic blk_BL_education_schools blk_BL_finance_banking blk_BL_finance_insurance blk_BL_finance_moneylending blk_BL_finance_other blk_BL_finance_realestate blk_BL_finance_trading blk_BL_fortunetelling blk_BL_forum blk_BL_gamble blk_BL_government blk_BL_hacking blk_BL_hobby_cooking blk_BL_hobby_games-misc blk_BL_hobby_games-online blk_BL_hobby_gardening blk_BL_hobby_pets blk_BL_homestyle blk_BL_hospitals blk_BL_imagehosting blk_BL_isp blk_BL_jobsearch blk_BL_library blk_BL_military blk_BL_models blk_BL_movies blk_BL_music blk_BL_news blk_BL_podcasts blk_BL_politics blk_BL_radiotv blk_BL_recreation_humor blk_BL_recreation_martialarts blk_BL_recreation_restaurants blk_BL_recreation_sports blk_BL_recreation_travel blk_BL_recreation_wellness blk_BL_religion blk_BL_remotecontrol blk_BL_ringtones blk_BL_science_astronomy blk_BL_science_chemistry blk_BL_searchengines blk_BL_sex_education blk_BL_sex_lingerie blk_BL_shopping blk_BL_socialnet blk_BL_tracker blk_BL_updatesites blk_BL_urlshortener blk_BL_violence blk_BL_warez blk_BL_weapons blk_BL_webmail blk_BL_webphone blk_BL_webradio blk_BL_webtv all
redirect http://192.168.1.1:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
}
}

I didn't see any log options for Squid it self.

However I did notice durring the install of Squidguard it installed squidlight? is this somthing that will conflict with the already installed squid3?

Thanks so much for you help

avp

Which version of pfSense are you using?

Which squid pkg have you installed?

I've fought with pf +Squid + HAVP + SG for quite some time. I usually come out on top, but sometimes it takes time… So I would say there is a way to get it to work, just need to work through the issues...

Claw22000

@avp:

Which version of pfSense are you using?

Which squid pkg have you installed?

I've fought with pf +Squid + HAVP + SG for quite some time. I usually come out on top, but sometimes it takes time… So I would say there is a way to get it to work, just need to work through the issues...

2.0.3-RELEASE (i386)
built on Fri Apr 12 10:22:21 EDT 2013
FreeBSD 8.1-RELEASE-p13

Squid3 3.1.20 pkg 2.0.6

So do I have to install the pkgs in that order? I installed hvap then squid then SG.

Thanks again for everyone looking in to this for me.

avp

So right now you have squid3 running, with havp, in transparent proxy mode? And you haven't tried to install SG again yet?

Is that about right?

Claw22000

because the previous poster asked me about logs I installed SG again to see if I could find anything for them. So it is installed and SG is again not running. I'm sure if I restarted the server right now both services would be down.

avp

try SSHing into the pfsense box (You need to enable SSH under System/Advanced). ( ssh admin@ <pf ip="">or use Putty on Windows)

change to

/usr/local/etc/rc.d

and then

./squid.sh start

and see if there is an error

(I'm on 2.1RC, but I imagine the directories would be the same…)</pf>

Claw22000

@Claw22000:

because the previous poster asked me about logs I installed SG again to see if I could find anything for them. So it is installed and SG is again not running. I'm sure if I restarted the server right now both services would be down.

The first time I tried it. I got nothing. However thats because squid was still running. So I wen to Status > Services, and stopped the service. Then went back to the shell and tried again.

This is what I got

FATAL: Unable to open configuration file: /usr/local/etc/squid/squid.conf: (13) Permission denied
Squid Cache (Version 2.7.STABLE9): Terminated abnormally.
CPU Usage: 0.007 seconds = 0.007 user + 0.000 sys
Maximum Resident Size: 1348 KB
Page faults with physical i/o: 0
Abort trap

I went back to the services and tried starting it there and it still won't start.

Claw22000

For lack of a better Idea I tried uninstalling the pkgs and installing them in reverse order and no that does not work. So I will wait till I'm instructed to do something further as I am completely clueless as to what to try next.

Thanks to all who take the time to assist.

Gloom

Your squid.conf has an error in it. The line http_port 127.0.0.1:3128 intercept should read http_port 127.0.0.1:3128 transparent

If it still acts up after the change please post you squid.conf

avp

To me, it sounds like there are a couple of issues:

1. "Squid Cache (Version 2.7.STABLE9)" sounds like Squid v2.7 - I seem to recall, that maybe if you install SG, a certain version, it may install Squid 2.7 automatically. This may or may not be an issue.

2. in the same dir as before, do "less squid.sh", paste the contents of squid.sh here.

3. do "find / -name squid.sh" to locate all instances of squid.conf.

I'm wondering if your system is trying to use squid2.7, and squid 2.7 either doesn't have a conf file, or doesn't have one configured correctly for pf.

4. do a "pkg_info", it will list all installed packages, paste here

avp

If there is a squid.conf at /usr/local/etc/squid/squid.conf, what are the permissions on it?

do an "ls -l"

If the file is there, paste its contents too.

Claw22000

@Gloom:

Your squid.conf has an error in it. The line http_port 127.0.0.1:3128 intercept should read http_port 127.0.0.1:3128 transparent

If it still acts up after the change please post you squid.conf

I have checked more that once and it is set as transparent in Services > Proxy Server.

I have also edited the file and changed the setting.

@avp:

To me, it sounds like there are a couple of issues:

1. "Squid Cache (Version 2.7.STABLE9)" sounds like Squid v2.7 - I seem to recall, that maybe if you install SG, a certain version, it may install Squid 2.7 automatically. This may or may not be an issue.

2. in the same dir as before, do "less squid.sh", paste the contents of squid.sh here.

3. do "find / -name squid.sh" to locate all instances of squid.conf.

I'm wondering if your system is trying to use squid2.7, and squid 2.7 either doesn't have a conf file, or doesn't have one configured correctly for pf.

4. do a "pkg_info", it will list all installed packages, paste here

@avp:

If there is a squid.conf at /usr/local/etc/squid/squid.conf, what are the permissions on it?

do an "ls -l"

If the file is there, paste its contents too.

Ok here goes (I've noticed theres an formatting command in this so I added spaces to fix this. The spaces are not in the real file just this example to prevent the site from slashin out the writing.)

less squid.sh
#!/bin/sh

This file was automatically generated

by the pfSense service handler.

rc_start() {
if [ -z "ps auxw | grep "[ s ]quid "|awk '{print $2}'" ];then
/usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf
fi

}

rc_stop() {
/usr/local/sbin/squid -k shutdown -f /usr/local/etc/squid/squid.conf

Just to be sure…

sleep 5
killall -9 squid 2>/dev/null
killall pinger 2>/dev/null

}

case $1 in
start)
rc_start
;;
stop)
rc_stop
;;
restart)
rc_stop
rc_start
;;
esac

find / -name squid.sh
find: /etc/ntp: Permission denied
/usr/local/etc/rc.d/squid.sh
find: /var/spool/opielocks: Permission denied
find: /var/log/squid: Permission denied
find: /var/heimdal: Permission denied
find: /var/db/ipf: Permission denied
find: /var/db/freebsd-update: Permission denied
find: /var/db/entropy: Permission denied
find: /var/cron: Permission denied
find: /var/crash: Permission denied
find: /var/backups: Permission denied
find: /var/audit: Permission denied
find: /var/squid/cache: Permission denied
find: /tmp/lighttpdcompress/javascript: Permission denied

pkg_info
arc-5.21p Create & extract files from DOS .ARC files
arj-3.10.22_4 Open-source ARJ
bsdinstaller-2.0.2013.0412 BSD Installer mega-package
clamav-0.97.5_1 Command line virus scanner written entirely in C
cyrus-sasl-2.1.23_3 RFC 2222 SASL (Simple Authentication and Security Layer)
cyrus-sasl-2.1.26_2 RFC 2222 SASL (Simple Authentication and Security Layer)
db41-4.1.25_4 The Berkeley DB package, revision 4.1
gettext-0.18.1.1 GNU gettext package
havp-0.91_1 HTTP Antivirus Proxy
lha-1.14i_6 Archive files using LZSS and Huffman compression (.lzh file
libiconv-1.14 A character set conversion library
libltdl-2.4.2 System independent dlopen wrapper
libwww-5.4.0_4 The W3C Reference Library
openldap-client-2.4.31_1 Open source LDAP client implementation
openldap-client-2.4.35 Open source LDAP client implementation
perl-5.14.2_3 Practical Extraction and Report Language
perl-threaded-5.12.4_4 Practical Extraction and Report Language
sqlite3-3.7.17_1 SQL database engine in a C library
squid-2.7.9_4 HTTP Caching Proxy
squid-3.1.20 HTTP Caching Proxy
squidGuard-1.4_4 A fast redirector for squid
unzoo-4.4_2 A zoo archive extractor

ls -l
total 318
-rw-r----- 1 proxy proxy 419 Sep 3 20:06 cachemgr.conf
-r--r--r-- 1 proxy proxy 419 Jun 19 2012 cachemgr.conf.default
-rw-r----- 1 proxy proxy 1547 Sep 3 20:10 errorpage.css
-r--r--r-- 1 proxy proxy 1547 Jun 19 2012 errorpage.css.default
drwxr-xr-x 81 proxy proxy 3072 Sep 3 20:10 errors
drwxr-xr-x 2 proxy proxy 1024 Sep 3 20:09 icons
-r--r--r-- 1 proxy proxy 30845 Jun 19 2012 mib.txt
-rw-r----- 1 proxy proxy 11651 Sep 3 20:06 mime.conf
-r--r--r-- 1 proxy proxy 11651 Jun 19 2012 mime.conf.default
-rw-r----- 1 proxy proxy 421 Sep 3 20:10 msntauth.conf
-r--r--r-- 1 proxy proxy 421 Jun 19 2012 msntauth.conf.default
-rw-r----- 1 proxy proxy 2003 Sep 3 20:04 squid.conf
-r--r--r-- 1 proxy proxy 2425 Jun 19 2012 squid.conf.default
-r--r--r-- 1 proxy proxy 208245 Jun 19 2012 squid.conf.documented
-rw-r--r-- 1 proxy proxy 11136 Sep 3 20:08 squidGuard.conf
-rw-r--r-- 1 proxy proxy 1616 Jun 10 13:03 squidGuard.conf.sample

I have noticed the squid it self is working now that I reinstalled them in reverse order. I can stop and start squid with no problems now.

Just need to get that squidguard working now.

Thanks so much for all the attention to my issues guys.

so whats next?

DrClaw

avp

ok, so as you can see, there are 2 squid pkgs installed. This may or may not be a problem. I'd be inclined to uninstall the 2.7 one…

Are you actually running from a shell, or are you using the Execute shell command from the gui? The reason I ask, is that if you are logged into the box via SSH, you would/should have root access, and you shouldn't see so many permissions denied msgs. This is what you want to do, SSH in, use putty for Windows, or SSH on *nix variants...

In the squid gui config page, closer to the bottom, Custom settings, Integrations, you will see this:

/usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf

you can try this from the shell to see if you can manually run SG. report any errors.

Claw22000

@avp:

ok, so as you can see, there are 2 squid pkgs installed. This may or may not be a problem. I'd be inclined to uninstall the 2.7 one…

Are you actually running from a shell, or are you using the Execute shell command from the gui? The reason I ask, is that if you are logged into the box via SSH, you would/should have root access, and you shouldn't see so many permissions denied msgs. This is what you want to do, SSH in, use putty for Windows, or SSH on *nix variants...

In the squid gui config page, closer to the bottom, Custom settings, Integrations, you will see this:
/usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
you can try this from the shell to see if you can manually run SG. report any errors.

I am using putty. I used to run a BBS software on telnet so me and my friend could play some old BBS games we liked.

I will try this and report what happens.

Again Thanks so much!

Claw22000

@avp:

ok, so as you can see, there are 2 squid pkgs installed. This may or may not be a problem. I'd be inclined to uninstall the 2.7 one…

In the squid gui config page, closer to the bottom, Custom settings, Integrations, you will see this:
/usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
you can try this from the shell to see if you can manually run SG. report any errors.

How do I uninstall just the 2.7 version?

I think the issue with the shell was I was logged in as my own user. In *nix varians I was taught to always login as a secondary user and only use root, or in this case Admin, for those rare occasions you absolutely need to.

Ok so heres what happened.

I ran that code and waited for quite a long time and the it just sat there. So I went in to the GUI and it says started! tried surfing too redtube dot com and playboy dot com and it didn't block either one. Went in and told it to download the block list from shallalist it completed successfully. check to see if the right blocks were still there. They were. saved, and applied changes. Surfed to the two sites again and still able to go there.

So it shows its up. But its not working.

Is this due to having 2 installs of Squid?

if so how do I remove just one 1?

Thanks

Claw22000

I know its tacky to reply 2 times let alone 3 on your own question, but I just tested it and notice it was blocking the sites I listed previously. So I guess what needs to be done next is just uninstall the older version of squid, and make the needed changes so if power fails or for some reason I need to power down the box to move it I can. At lease without having to manually enter that every time.

Again Thanks so much for all the help everyone!

avp

Once you have the full name with pkg_info, you can delete with pkg_delete.

Claw22000

@avp:

Once you have the full name with pkg_info, you can delete with pkg_delete.

I will get right on that after work.

How do I make the change permanent?

I don't want to have to manually start SG every time.

Thanks

DrClaw