Proxy Autenticado e Mult WAN

marcelloc

@UnDr3aD:

Abro o browser (já configurado pra pegar o proxy) e o prompt para autenticação não aparece!!!!!!!!

ideias????

Você já perguntou isso em outro tópico.
http://forum.pfsense.org/index.php/topic,62263.msg366962.html#msg366962

A Former User

system.log


/pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'

Não estou conseguindo resolver isso.

LFCavalcanti

@UnDr3aD:

system.log


/pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'

Não estou conseguindo resolver isso.

Isto só comunica que o serviço do Squid estava desativado quando você aplicou alguma alteração. Verifique linhas próximas a essa para erros apontando para o SQUID.

A Former User

@LFCavalcanti:

Isto só comunica que o serviço do Squid estava desativado quando você aplicou alguma alteração. Verifique linhas próximas a essa para erros apontando para o SQUID.

grep -i squid /var/log/system.log


Sep 24 14:57:50 medivh php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 24 14:57:50 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 24 15:09:45 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 24 15:09:46 medivh php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 24 15:09:46 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 24 15:09:46 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 24 15:09:47 medivh php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 24 15:09:47 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 24 15:12:23 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 24 15:12:24 medivh php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 24 15:12:24 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 24 15:12:24 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 24 15:12:25 medivh php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 24 15:12:25 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 24 15:13:14 medivh squid[15859]: Squid Parent: will start 1 kids
Sep 24 15:13:14 medivh squid[15859]: Squid Parent: (squid-1) process 16319 started
Sep 24 15:13:37 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy'
Sep 24 15:13:42 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy'
Sep 24 15:13:45 medivh squid[21886]: Squid Parent: will start 1 kids
Sep 24 15:13:45 medivh squid[21886]: Squid Parent: (squid-1) process 22459 started
Sep 24 15:15:46 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy'
Sep 24 15:16:26 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy'
Sep 24 15:16:28 medivh squid[73944]: Squid Parent: will start 1 kids
Sep 24 15:16:28 medivh squid[73944]: Squid Parent: (squid-1) process 74581 started

não estou conseguindo identificar o porque de o prompt de autenticação não estar sendo apresentado no browser.

LFCavalcanti

Só uma pergunta: Os Browsers que você testou estão com o Proxy configurado?

marcelloc

squid -k parse

tail -f /var/squid/logs/*log

A Former User

@marcelloc:

squid -k parse


[2.1-RELEASE][root@medivh.ntu0]/root(6): squid -k parse
2013/09/24 16:58:35| Startup: Initializing Authentication Schemes ...
2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'basic'
2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'digest'
2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'negotiate'
2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'ntlm'
2013/09/24 16:58:35| Startup: Initialized Authentication.
2013/09/24 16:58:35| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0)
2013/09/24 16:58:35| Processing: http_port 192.168.0.50:3128
2013/09/24 16:58:35| Processing: icp_port 7
2013/09/24 16:58:35| Processing: dns_v4_first on
2013/09/24 16:58:35| Processing: pid_filename /var/run/squid.pid
2013/09/24 16:58:35| Processing: cache_effective_user proxy
2013/09/24 16:58:35| Processing: cache_effective_group proxy
2013/09/24 16:58:35| Processing: error_default_language pt-br
2013/09/24 16:58:35| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons
2013/09/24 16:58:35| Processing: visible_hostname proxyntu
2013/09/24 16:58:35| Processing: cache_mgr ni@ntu.org.br
2013/09/24 16:58:35| Processing: access_log /var/squid/logs/access.log
2013/09/24 16:58:35| Processing: cache_log /var/squid/logs/cache.log
2013/09/24 16:58:35| Processing: cache_store_log none
2013/09/24 16:58:35| Processing: logfile_rotate 0
2013/09/24 16:58:35| Processing: shutdown_lifetime 3 seconds
2013/09/24 16:58:35| Processing: acl localnet src  192.168.0.0/24
2013/09/24 16:58:35| Processing: httpd_suppress_version_string on
2013/09/24 16:58:35| Processing: uri_whitespace strip
2013/09/24 16:58:35| Processing: acl dynamic urlpath_regex cgi-bin \?
2013/09/24 16:58:35| Processing: cache deny dynamic
2013/09/24 16:58:35| Processing: cache_mem 128 MB
2013/09/24 16:58:35| Processing: maximum_object_size_in_memory 32 KB
2013/09/24 16:58:35| Processing: memory_replacement_policy heap GDSF
2013/09/24 16:58:35| Processing: cache_replacement_policy heap LFUDA
2013/09/24 16:58:35| Processing: cache_dir ufs /var/squid/cache 2048 16 256
2013/09/24 16:58:35| Processing: minimum_object_size 0 KB
2013/09/24 16:58:35| Processing: maximum_object_size 4000 KB
2013/09/24 16:58:35| Processing: offline_mode off
2013/09/24 16:58:35| Processing: cache_swap_low 90
2013/09/24 16:58:35| Processing: cache_swap_high 95
2013/09/24 16:58:35| Processing: cache allow all
2013/09/24 16:58:35| Processing: acl allsrc src all
2013/09/24 16:58:35| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3127 1025-65535
2013/09/24 16:58:35| Processing: acl sslports port 443 563
2013/09/24 16:58:35| Processing: acl purge method PURGE
2013/09/24 16:58:35| Processing: acl connect method CONNECT
2013/09/24 16:58:35| Processing: acl HTTP proto HTTP
2013/09/24 16:58:35| Processing: acl HTTPS proto HTTPS
2013/09/24 16:58:35| Processing: http_access allow manager localhost
2013/09/24 16:58:35| Processing: http_access deny manager
2013/09/24 16:58:35| Processing: http_access allow purge localhost
2013/09/24 16:58:35| Processing: http_access deny purge
2013/09/24 16:58:35| Processing: http_access deny !safeports
2013/09/24 16:58:35| Processing: http_access deny CONNECT !sslports
2013/09/24 16:58:35| Processing: request_body_max_size 0 KB
2013/09/24 16:58:35| Processing: delay_pools 1
2013/09/24 16:58:35| Processing: delay_class 1 2
2013/09/24 16:58:35| Processing: delay_parameters 1 -1/-1 -1/-1
2013/09/24 16:58:35| Processing: delay_initial_bucket_level 100
2013/09/24 16:58:35| Processing: delay_access 1 allow allsrc
2013/09/24 16:58:35| Processing: auth_param basic program /usr/pbi/squid-amd64/libexec/squid/basic_ldap_auth -v 3 -b dc=ntu0,dc=local -D cn=Administrator,cn=Users,dc=ntu0,dc=local -w XXXXXXXXXXX -f "sAMAccountName=%s" -u uid -P 192.168.0.3:389
2013/09/24 16:58:35| Processing: auth_param basic children 5
2013/09/24 16:58:35| Processing: auth_param basic realm Please enter your credentials to access the proxy
2013/09/24 16:58:35| Processing: auth_param basic credentialsttl 60 minutes
2013/09/24 16:58:35| Processing: acl password proxy_auth REQUIRED
2013/09/24 16:58:35| Processing: http_access allow password localnet
2013/09/24 16:58:35| Processing: http_access deny allsrc
2013/09/24 16:58:35| Initializing https proxy context

@marcelloc:

tail -f /var/squid/logs/*log


[2.1-RELEASE][root@medivh.ntu0]/root(7): tail -f /var/squid/logs/*log

==> /var/squid/logs/access.log <==

==> /var/squid/logs/cache.log <==
2013/09/24 15:16:28 kid1| Max Mem  size: 131072 KB
2013/09/24 15:16:28 kid1| Max Swap size: 2097152 KB
2013/09/24 15:16:28 kid1| Rebuilding storage in /var/squid/cache (no log)
2013/09/24 15:16:28 kid1| Using Least Load store dir selection
2013/09/24 15:16:28 kid1| Current Directory is /usr/local/www
2013/09/24 15:16:28 kid1| Loaded Icons.
2013/09/24 15:16:28 kid1| HTCP Disabled.
2013/09/24 15:16:28 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2013/09/24 15:16:28 kid1| sendto FD 25: (1) Operation not permitted
2013/09/24 15:16:28 kid1| ipcCreate: CHILD: hello write test failed

@LFCavalcanti:

Só uma pergunta: Os Browsers que você testou estão com o Proxy configurado?

Sim.

A Former User


[2.1-RELEASE][root@medivh.ntu0]/root(1): squid -v
Squid Cache: Version 3.3.8
configure options:  '--with-default-user=squid' '--bindir=/usr/pbi/squid-amd64/sbin' '--sbindir=/usr/pbi/squid-amd64/sbin' '--datadir=/usr/pbi/squid-amd64/etc/squid' '--libexecdir=/usr/pbi/squid-amd64/libexec/squid' '--localstatedir=/var' '--sysconfdir=/usr/pbi/squid-amd64/etc/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid/squid.pid' '--with-swapdir=/var/squid/cache/squid' '--enable-auth' '--enable-build-info' '--enable-loadable-modules' '--enable-removal-policies=lru heap' '--disable-epoll' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-translation' '--enable-auth-basic=DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS  fake getpwnam LDAP SASL NIS' '--enable-auth-digest=file' '--enable-external-acl-helpers=file_userip time_quota unix_group LDAP_group kerberos_ldap_group' '--enable-auth-negotiate=kerberos wrapper' '--enable-auth-ntlm=fake smb_lm' '--enable-storeio=diskd rock ufs aufs' '--enable-disk-io=AIO Blocking DiskDaemon IpcIo Mmapped DiskThreads' '--enable-log-daemon-helpers=file' '--enable-url-rewrite-helpers=fake' '--enable-delay-pools' '--enable-ssl' '--with-openssl=/usr' '--enable-ssl-crtd' '--enable-icmp' '--enable-htcp' '--disable-forw-via-db' '--enable-cache-digests' '--enable-wccp' '--enable-wccpv2' '--enable-eui' '--disable-ipfw-transparent' '--enable-pf-transparent' '--disable-ipf-transparent' '--enable-follow-x-forwarded-for' '--disable-ecap' '--enable-icap-client' '--disable-esi' '--enable-kqueue' '--with-large-files' '--prefix=/usr/pbi/squid-amd64' '--mandir=/usr/pbi/squid-amd64/man' '--infodir=/usr/pbi/squid-amd64/info/' '--build=amd64-portbld-freebsd8.3' 'build_alias=amd64-portbld-freebsd8.3' 'CC=cc' 'CFLAGS=-O2 -pipe -I/usr/pbi/squid-amd64/include -I/usr/pbi/squid-amd64/include -I/usr/include -DLDAP_DEPRECATED -fno-strict-aliasing' 'LDFLAGS= -L/usr/pbi/squid-amd64/lib -L/usr/pbi/squid-amd64/lib -pthread -Wl,-rpath=/usr/lib:/usr/pbi/squid-amd64/lib -L/usr/lib' 'CPPFLAGS=-I/usr/pbi/squid-amd64/include' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -I/usr/pbi/squid-amd64/include -I/usr/pbi/squid-amd64/include -I/usr/include -DLDAP_DEPRECATED -fno-strict-aliasing' 'CPP=cpp' --enable-ltdl-convenience


[2.1-RELEASE][root@medivh.ntu0]/root(2): ls -l /var/squid/
total 8
drwxr-xr-x   2 proxy  proxy  512 Sep 24 14:54 acl
drwxr-xr-x  18 proxy  proxy  512 Sep 25 00:00 cache
drwxr-xr-x   3 proxy  proxy  512 Sep 24 14:54 lib
drwxr-xr-x   2 proxy  proxy  512 Sep 24 15:16 logs

Pergunto: O usuário do squid não deveria ser "proxy"? Se eu não me engano é proxy na versão 2 disponível no repositório!

A Former User

só pra constar aqui.
fiz essa vm com o pfsense e instalei o pacote squid (2). configurei e funcionou ok! está funcionando!
nem configurei multiwan nela, estou fazendo passo por passo.
tirei um snapshot dessa vm e a partir dele fiz uma nova vm, onde desinstalei o squid(2) e instalei o squid3. As configurações do squid(2) fora reconhecidas pelo squid3, ou seja, em teoria era pra funcionar também, contudo não está funcionando nem com reza "braba" e água benta! não está aparecendo o prompt de autenticação no navegador (que está configurado!).

@UnDr3aD:

Pergunto: O usuário do squid não deveria ser "proxy"? Se eu não me engano é proxy na versão 2 disponível no repositório!

verifiquei na outra vm e é isso mesmo, o squid(2) usa o usuário proxy, mas o squid3 usa o usuário squid! poderia ser algo relacionado a isso?

marcelloc

Subi um squid3 sem problemas aqui.
Já seguiu as orientações do outro post?

A Former User

@marcelloc:

Subi um squid3 sem problemas aqui.
Já seguiu as orientações do outro post?

sim. tenho feito várias pesquisas e segui aquele seu post do squid3.

vou fazer o seguinte:
~~mais uma vez,~~ vou criar uma vm (com o .ova do pfSense 2.0.3 do repositório) e instalar do zero com o squid3 e testar.

A Former User

pois é…..
fiz o seguinte:

instalei o pfSense 2.0.3 (appliance)
instalei os patches lá do post do squid3 (das outras vezes tinha instalado depois do squid3)
instalei o squid3-dev
configurei o squid para autenticar no AD e, ...
funcionou!!!!!
Eeeentretando...
atualizei o pfSense para a versão atual (2.1) (das outras vezes tinha atualizado primeiro de tudo) e, ...
o prompt para autenticação do proxy no navegador volta a NÃO aparecer.
(interessante que acessa a internet ok, até mesmo faz o log de acessos do squid, mas não abre janela de autenticação!)

Logo, infere-se que há algum coisa ~~magia negra, omg!~~ entre o squid3 e a versão do pfSense 2.1 que não estão se dando bem!
Ideias????

marcelloc

Estou falando deste tópico:
@marcelloc:

http://forum.pfsense.org/index.php/topic,62263.msg366962.html#msg366962

onde diz:
Veja se o squid está escutando na porta que você configurou. Se não estiver, habilite o ipv6, mate todos os processos do squid e em seguida salve as configurações para iniciar o daemon novamente.

A Former User

@marcelloc:

Estou falando deste tópico:
@marcelloc:

http://forum.pfsense.org/index.php/topic,62263.msg366962.html#msg366962

onde diz:
Veja se o squid está escutando na porta que você configurou. Se não estiver, habilite o ipv6, mate todos os processos do squid e em seguida salve as configurações para iniciar o daemon novamente.

veja:


[2.1-RELEASE][root@mercurio.ntu0]/root(3): tcpdump port 3128

…


15:16:31.077410 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524
15:16:31.077551 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524
15:16:31.077845 IP ntu-0124.ntu0.local.20613 > mercurio.ntu0.3128: Flags [.], ack 16400, win 16425, length 0
15:16:31.079652 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524
15:16:31.079787 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524
15:16:31.080041 IP ntu-0124.ntu0.local.20613 > mercurio.ntu0.3128: Flags [.], ack 17448, win 16163, length 0
15:16:31.082037 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524
15:16:31.082218 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 90
15:16:31.082535 IP ntu-0124.ntu0.local.20613 > mercurio.ntu0.3128: Flags [.], ack 18062, win 16425, length 0
15:16:31.096214 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.096383 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.096531 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 71553, win 16425, length 0
15:16:31.098522 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.098667 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.098894 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 72601, win 16163, length 0
15:16:31.100853 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.100986 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.101234 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 73649, win 16425, length 0
15:16:31.103190 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.103324 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.103574 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 74697, win 16163, length 0
15:16:31.105527 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.105666 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.106023 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 75745, win 16425, length 0
15:16:31.107981 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.108107 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.108406 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 76793, win 16163, length 0
15:16:31.110194 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524
15:16:31.110335 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 154
15:16:31.110807 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 77995, win 16425, length 0
^C
344 packets captured
560 packets received by filter
0 packets dropped by kernel

nas outras VM's eu tinha esquecido de ativar o IPv6, contudo nessa VM foi uma das primeiras coisas que eu fiz (e esqueci de colocar na resposta de cima)

pelo resultado acima acho que está ouvindo a porta sim. ainda assim devo matar os processos e salvar as configurações? (você disse pra fazer isso somente no caso de a porta não estar sendo ouvida.)

marcelloc

Se tem trafego na porta, então sim, os squid está rodando.

O que não bate com um dos primeiros logs que você mandou

returned exit code '1', the output was 'squid: ERROR: No running copy'

Se nesta última vm o squid está no ar sem morrer(veja o cache.log) o proximo passo é verificar as acls do squid.

A Former User

@marcelloc:

Se tem trafego na porta, então sim, os squid está rodando.

O que não bate com um dos primeiros logs que você mandou
returned exit code '1', the output was 'squid: ERROR: No running copy'
Se nesta última vm o squid está no ar sem morrer(veja o cache.log) o proximo passo é verificar as acls do squid.

pois é… aí que está...

mesmo nessa nova VM, o resultado co comando grep -i squid /var/log/system.log é:


Sep 25 15:18:04 pfSense php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:18:04 pfSense php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:19:01 pfSense php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:19:02 pfSense php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:19:02 pfSense php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:19:02 pfSense php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:19:03 pfSense php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:19:04 pfSense php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 12:22:37 mercurio php: : [Squid] - Squid_resync function call pr: bp:1 rpc:no
Sep 25 12:22:39 mercurio php: : Starting Squid
Sep 25 12:22:39 mercurio squid[52687]: Squid Parent: will start 1 kids
Sep 25 12:22:39 mercurio squid[52687]: Squid Parent: (squid-1) process 53140 started
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : Not calling package sync code for dependency squidreverse of squid3-dev because some include files are missing.
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:26:24 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 12:26:25 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 12:26:25 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 12:26:26 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 12:28:23 mercurio php: /pkg_edit.php: Creating squid cache subdirs in /var/squid/cache
Sep 25 12:28:28 mercurio squid[52687]: Squid Parent: (squid-1) process 53140 exited with status 0
Sep 25 12:28:28 mercurio php: /pkg_edit.php: The command '/usr/local/sbin/squid -k kill -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 12:28:28 mercurio squid[24643]: Squid Parent: will start 1 kids
Sep 25 12:28:28 mercurio squid[24643]: Squid Parent: (squid-1) process 25094 started
Sep 25 12:28:28 mercurio squid[24643]: Squid Parent: (squid-1) process 25094 exited with status 0
Sep 25 12:28:28 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr: bp: rpc:no
Sep 25 12:28:29 mercurio php: /pkg_edit.php: Creating squid cache subdirs in /var/squid/cache
Sep 25 12:28:34 mercurio php: /pkg_edit.php: The command '/usr/local/sbin/squid -k kill -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 12:28:34 mercurio squid[28482]: Squid Parent: will start 1 kids
Sep 25 12:28:34 mercurio squid[28482]: Squid Parent: (squid-1) process 28915 started
Sep 25 12:28:38 mercurio squid[28482]: Squid Parent: (squid-1) process 28915 exited with status 0
Sep 25 12:28:38 mercurio php: /pkg_edit.php: Starting Squid
Sep 25 12:28:38 mercurio squid[29299]: Squid Parent: will start 1 kids
Sep 25 12:28:38 mercurio squid[29299]: Squid Parent: (squid-1) process 29601 started
Sep 25 12:38:27 mercurio php: rc.bootup: List of packages to reinstall: squid3-dev
Sep 25 12:38:27 mercurio php: rc.bootup: Uninstalling package squid3-dev
Sep 25 12:38:41 mercurio php: rc.bootup: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy'
Sep 25 12:38:41 mercurio php: rc.bootup: PBI dir for squid-3.3.8-amd64 was not found - cannot cleanup PBI files
Sep 25 12:38:42 mercurio php: rc.bootup: Finished uninstalling package squid3-dev
Sep 25 12:38:42 mercurio php: rc.bootup: Reinstalling package squid3-dev
Sep 25 12:38:43 mercurio php: rc.bootup: Beginning package installation for squid3-dev .
Sep 25 12:41:14 mercurio php: rc.bootup: Starting Squid
Sep 25 12:41:14 mercurio squid[69152]: Squid Parent: will start 1 kids
Sep 25 12:41:14 mercurio squid[69152]: Squid Parent: (squid-1) process 69410 started
Sep 25 12:41:14 mercurio php: rc.bootup: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:15 mercurio php: rc.bootup: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:15 mercurio php: rc.bootup: Finished installing package squid3-dev
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: Not calling package sync code for dependency squidreverse of squid3-dev because some include files are missing.
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no
Sep 25 12:41:23 mercurio squid[90544]: Squid Parent: will start 1 kids
Sep 25 12:41:23 mercurio squid[90544]: Squid Parent: (squid-1) process 90664 started
Sep 25 15:44:41 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:44:42 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:44:42 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:45:25 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:45:25 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:45:25 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:45:53 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:45:54 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:45:54 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:46:38 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:46:39 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:46:39 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:47:45 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:47:46 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:47:46 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:47:46 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:47:47 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:47:47 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:48:21 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:48:22 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:48:22 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:48:22 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:48:23 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:48:23 mercurio squid: Bungled /usr/pbi/squid-amd64/etc/squid/squid.conf line 94: http_access allow password localnet
Sep 25 15:48:23 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was '2013/09/25 15:48:23| aclParseAclList: ACL name 'localnet' not found. FATAL: Bungled /usr/pbi/squid-amd64/etc/squid/squid.conf line 94: http_access allow password localnet Squid Cache (Version 3.3.8): Terminated abnormally. CPU Usage: 0.034 seconds = 0.034 user + 0.000 sys Maximum Resident Size: 39424 KB Page faults with physical i/o: 0'
Sep 25 15:48:44 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:48:45 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:48:45 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:48:51 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:48:51 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:48:51 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Sep 25 15:48:52 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Sep 25 15:48:52 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 25 15:48:53 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'

O tcpdump port 3128 continua dando o mesmo resultado acima (ou seja, passando trafego)

*tail -f /var/log/squid/log retorna:


==> /var/log/squid/access.log <==
1380134995.023   3110 192.168.0.108 TCP_MISS/304 377 GET http://pudim.com.br/ - HIER_DIRECT/200.219.245.95 -
1380134995.424    232 192.168.0.108 TCP_MISS/200 546 GET http://www.google-analytics.com/__utm.gif? - HIER_DIRECT/74.125.234.102 image/gif
1380135000.745    518 192.168.0.108 TCP_MISS/301 485 GET http://facebook.com/ - HIER_DIRECT/173.252.110.27 text/html
1380135001.233    483 192.168.0.108 TCP_MISS/301 542 GET http://www.facebook.com/ - HIER_DIRECT/31.13.73.33 text/html
1380135002.252    712 192.168.0.108 TCP_MISS/200 2327 POST http://ocsp.verisign.com/ - HIER_DIRECT/199.7.71.72 application/ocsp-response
1380135007.675   5066 192.168.0.108 TCP_MISS/200 24230 CONNECT fbstatic-a.akamaihd.net:443 - HIER_DIRECT/205.185.204.42 -
1380135007.678   8254 192.168.0.108 TCP_MISS/200 3772 CONNECT api.duckduckgo.com:443 - HIER_DIRECT/107.21.1.80 -
1380135007.680   6438 192.168.0.108 TCP_MISS/200 19163 CONNECT www.facebook.com:443 - HIER_DIRECT/31.13.73.33 -
1380135007.681  62532 192.168.0.108 TCP_MISS/200 4331 CONNECT www.google.com:443 - HIER_DIRECT/74.125.234.147 -
1380135007.682   7558 192.168.0.108 TCP_MISS/200 4649 CONNECT i.duckduckgo.com:443 - HIER_DIRECT/184.72.115.86 -

==> /var/log/squid/cache.log <==
2013/09/25 12:41:24 kid1| storeLateRelease: released 0 objects
2013/09/25 13:37:15 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2013/09/25 13:37:15 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
2013/09/25 13:37:15 kid1| NETDB state saved; 8 entries, 0 msec
2013/09/25 14:31:23 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2013/09/25 14:31:23 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
2013/09/25 14:31:23 kid1| NETDB state saved; 8 entries, 0 msec
2013/09/25 15:26:44 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2013/09/25 15:26:44 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
2013/09/25 15:26:44 kid1| NETDB state saved; 9 entries, 0 msec

e só pra completar as informações estou mandando também squid -k parse:


2013/09/25 15:54:59| Startup: Initializing Authentication Schemes ...
2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'basic'
2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'digest'
2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'negotiate'
2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'ntlm'
2013/09/25 15:54:59| Startup: Initialized Authentication.
2013/09/25 15:54:59| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0)
2013/09/25 15:54:59| Processing: http_port 192.168.0.52:3128
2013/09/25 15:54:59| Processing: icp_port 7
2013/09/25 15:54:59| Processing: dns_v4_first on
2013/09/25 15:54:59| Processing: pid_filename /var/run/squid.pid
2013/09/25 15:54:59| Processing: cache_effective_user proxy
2013/09/25 15:54:59| Processing: cache_effective_group proxy
2013/09/25 15:54:59| Processing: error_default_language en
2013/09/25 15:54:59| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons
2013/09/25 15:54:59| Processing: visible_hostname localhost
2013/09/25 15:54:59| Processing: cache_mgr admin@localhost
2013/09/25 15:54:59| Processing: access_log /var/squid/logs/access.log
2013/09/25 15:54:59| Processing: cache_log /var/squid/logs/cache.log
2013/09/25 15:54:59| Processing: cache_store_log none
2013/09/25 15:54:59| Processing: logfile_rotate 0
2013/09/25 15:54:59| Processing: shutdown_lifetime 3 seconds
2013/09/25 15:54:59| Processing: httpd_suppress_version_string on
2013/09/25 15:54:59| Processing: uri_whitespace strip
2013/09/25 15:54:59| Processing: acl dynamic urlpath_regex cgi-bin \?
2013/09/25 15:54:59| Processing: cache deny dynamic
2013/09/25 15:54:59| Processing: cache_mem 8 MB
2013/09/25 15:54:59| Processing: maximum_object_size_in_memory 32 KB
2013/09/25 15:54:59| Processing: memory_replacement_policy heap GDSF
2013/09/25 15:54:59| Processing: cache_replacement_policy heap LFUDA
2013/09/25 15:54:59| Processing: cache_dir ufs /var/squid/cache 2048 16 256
2013/09/25 15:54:59| Processing: minimum_object_size 0 KB
2013/09/25 15:54:59| Processing: maximum_object_size 400 KB
2013/09/25 15:54:59| Processing: offline_mode off
2013/09/25 15:54:59| Processing: cache_swap_low 90
2013/09/25 15:54:59| Processing: cache_swap_high 95
2013/09/25 15:54:59| Processing: cache allow all
2013/09/25 15:54:59| Processing: acl allsrc src all
2013/09/25 15:54:59| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3127 1025-65535
2013/09/25 15:54:59| Processing: acl sslports port 443 563
2013/09/25 15:54:59| Processing: acl purge method PURGE
2013/09/25 15:54:59| Processing: acl connect method CONNECT
2013/09/25 15:54:59| Processing: acl HTTP proto HTTP
2013/09/25 15:54:59| Processing: acl HTTPS proto HTTPS
2013/09/25 15:54:59| Processing: acl allowed_subnets src 192.168.0.0/24
2013/09/25 15:54:59| Processing: acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
2013/09/25 15:54:59| Processing: http_access allow manager localhost
2013/09/25 15:54:59| Processing: http_access deny manager
2013/09/25 15:54:59| Processing: http_access allow purge localhost
2013/09/25 15:54:59| Processing: http_access deny purge
2013/09/25 15:54:59| Processing: http_access deny !safeports
2013/09/25 15:54:59| Processing: http_access deny CONNECT !sslports
2013/09/25 15:54:59| Processing: request_body_max_size 0 KB
2013/09/25 15:54:59| Processing: delay_pools 1
2013/09/25 15:54:59| Processing: delay_class 1 2
2013/09/25 15:54:59| Processing: delay_parameters 1 -1/-1 -1/-1
2013/09/25 15:54:59| Processing: delay_initial_bucket_level 100
2013/09/25 15:54:59| Processing: delay_access 1 allow allsrc
2013/09/25 15:54:59| Processing: http_access deny blacklist
2013/09/25 15:54:59| Processing: auth_param basic program /usr/pbi/squid-amd64/libexec/squid/basic_ldap_auth -v 3 -b dc=ntu0,dc=local -D cn=Administrator,cn=Users,dc=ntu0,dc=local -w XXXXXXXXXXXXX -f "sAMAccountName=%s" -u uid -P 192.168.0.3:389
2013/09/25 15:54:59| Processing: auth_param basic children 5
2013/09/25 15:54:59| Processing: auth_param basic realm Please enter your credentials to access the proxy
2013/09/25 15:54:59| Processing: auth_param basic credentialsttl 60 minutes
2013/09/25 15:54:59| Processing: acl password proxy_auth REQUIRED
2013/09/25 15:54:59| Processing: http_access allow password allowed_subnets
2013/09/25 15:54:59| Processing: http_access deny allsrc
2013/09/25 15:54:59| Initializing https proxy context

mil tretas mano!

marcelloc

E o cache.log?

A Former User

@marcelloc:

E o cache.log?

já tem o cache.log acima!

@UnDr3aD:

*tail -f /var/log/squid/log retorna:


==> /var/log/squid/cache.log <==
2013/09/25 12:41:24 kid1| storeLateRelease: released 0 objects
2013/09/25 13:37:15 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2013/09/25 13:37:15 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
2013/09/25 13:37:15 kid1| NETDB state saved; 8 entries, 0 msec
2013/09/25 14:31:23 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2013/09/25 14:31:23 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
2013/09/25 14:31:23 kid1| NETDB state saved; 8 entries, 0 msec
2013/09/25 15:26:44 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2013/09/25 15:26:44 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
2013/09/25 15:26:44 kid1| NETDB state saved; 9 entries, 0 msec

ou tem outro log de cache em outro lugar???

A Former User

continuando…!

as acl do squid parecem não estar funcionando também! não estou conseguindo bloquear nada!

Augusto

Olá…Eu uso MultWan e Squid autenticado "transparente" por NTLM.....e aqui esta funcionando...

Você criou a regra de floating?
Lá em Custom você colocou o tcp_outgoing_address?

Não sei se pode ser isso...masss....