Proxy Autenticado e Mult WAN
-
@UnDr3aD:
Abro o browser (já configurado pra pegar o proxy) e o prompt para autenticação não aparece!!!!!!!!
ideias????
Você já perguntou isso em outro tópico.
http://forum.pfsense.org/index.php/topic,62263.msg366962.html#msg366962 -
system.log
/pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Não estou conseguindo resolver isso.
-
@UnDr3aD:
system.log
/pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Não estou conseguindo resolver isso.
Isto só comunica que o serviço do Squid estava desativado quando você aplicou alguma alteração. Verifique linhas próximas a essa para erros apontando para o SQUID.
-
Isto só comunica que o serviço do Squid estava desativado quando você aplicou alguma alteração. Verifique linhas próximas a essa para erros apontando para o SQUID.
grep -i squid /var/log/system.log
Sep 24 14:57:50 medivh php: /pkg_edit.php: Reloading Squid for configuration sync Sep 24 14:57:50 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 24 15:09:45 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 24 15:09:46 medivh php: /pkg_edit.php: Reloading Squid for configuration sync Sep 24 15:09:46 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 24 15:09:46 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 24 15:09:47 medivh php: /pkg_edit.php: Reloading Squid for configuration sync Sep 24 15:09:47 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 24 15:12:23 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 24 15:12:24 medivh php: /pkg_edit.php: Reloading Squid for configuration sync Sep 24 15:12:24 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 24 15:12:24 medivh php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 24 15:12:25 medivh php: /pkg_edit.php: Reloading Squid for configuration sync Sep 24 15:12:25 medivh php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 24 15:13:14 medivh squid[15859]: Squid Parent: will start 1 kids Sep 24 15:13:14 medivh squid[15859]: Squid Parent: (squid-1) process 16319 started Sep 24 15:13:37 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy' Sep 24 15:13:42 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy' Sep 24 15:13:45 medivh squid[21886]: Squid Parent: will start 1 kids Sep 24 15:13:45 medivh squid[21886]: Squid Parent: (squid-1) process 22459 started Sep 24 15:15:46 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy' Sep 24 15:16:26 medivh php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy' Sep 24 15:16:28 medivh squid[73944]: Squid Parent: will start 1 kids Sep 24 15:16:28 medivh squid[73944]: Squid Parent: (squid-1) process 74581 started
não estou conseguindo identificar o porque de o prompt de autenticação não estar sendo apresentado no browser.
-
Só uma pergunta: Os Browsers que você testou estão com o Proxy configurado?
-
squid -k parse
tail -f /var/squid/logs/*log
-
squid -k parse
[2.1-RELEASE][root@medivh.ntu0]/root(6): squid -k parse 2013/09/24 16:58:35| Startup: Initializing Authentication Schemes ... 2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'basic' 2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'digest' 2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'negotiate' 2013/09/24 16:58:35| Startup: Initialized Authentication Scheme 'ntlm' 2013/09/24 16:58:35| Startup: Initialized Authentication. 2013/09/24 16:58:35| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0) 2013/09/24 16:58:35| Processing: http_port 192.168.0.50:3128 2013/09/24 16:58:35| Processing: icp_port 7 2013/09/24 16:58:35| Processing: dns_v4_first on 2013/09/24 16:58:35| Processing: pid_filename /var/run/squid.pid 2013/09/24 16:58:35| Processing: cache_effective_user proxy 2013/09/24 16:58:35| Processing: cache_effective_group proxy 2013/09/24 16:58:35| Processing: error_default_language pt-br 2013/09/24 16:58:35| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons 2013/09/24 16:58:35| Processing: visible_hostname proxyntu 2013/09/24 16:58:35| Processing: cache_mgr ni@ntu.org.br 2013/09/24 16:58:35| Processing: access_log /var/squid/logs/access.log 2013/09/24 16:58:35| Processing: cache_log /var/squid/logs/cache.log 2013/09/24 16:58:35| Processing: cache_store_log none 2013/09/24 16:58:35| Processing: logfile_rotate 0 2013/09/24 16:58:35| Processing: shutdown_lifetime 3 seconds 2013/09/24 16:58:35| Processing: acl localnet src 192.168.0.0/24 2013/09/24 16:58:35| Processing: httpd_suppress_version_string on 2013/09/24 16:58:35| Processing: uri_whitespace strip 2013/09/24 16:58:35| Processing: acl dynamic urlpath_regex cgi-bin \? 2013/09/24 16:58:35| Processing: cache deny dynamic 2013/09/24 16:58:35| Processing: cache_mem 128 MB 2013/09/24 16:58:35| Processing: maximum_object_size_in_memory 32 KB 2013/09/24 16:58:35| Processing: memory_replacement_policy heap GDSF 2013/09/24 16:58:35| Processing: cache_replacement_policy heap LFUDA 2013/09/24 16:58:35| Processing: cache_dir ufs /var/squid/cache 2048 16 256 2013/09/24 16:58:35| Processing: minimum_object_size 0 KB 2013/09/24 16:58:35| Processing: maximum_object_size 4000 KB 2013/09/24 16:58:35| Processing: offline_mode off 2013/09/24 16:58:35| Processing: cache_swap_low 90 2013/09/24 16:58:35| Processing: cache_swap_high 95 2013/09/24 16:58:35| Processing: cache allow all 2013/09/24 16:58:35| Processing: acl allsrc src all 2013/09/24 16:58:35| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 3127 1025-65535 2013/09/24 16:58:35| Processing: acl sslports port 443 563 2013/09/24 16:58:35| Processing: acl purge method PURGE 2013/09/24 16:58:35| Processing: acl connect method CONNECT 2013/09/24 16:58:35| Processing: acl HTTP proto HTTP 2013/09/24 16:58:35| Processing: acl HTTPS proto HTTPS 2013/09/24 16:58:35| Processing: http_access allow manager localhost 2013/09/24 16:58:35| Processing: http_access deny manager 2013/09/24 16:58:35| Processing: http_access allow purge localhost 2013/09/24 16:58:35| Processing: http_access deny purge 2013/09/24 16:58:35| Processing: http_access deny !safeports 2013/09/24 16:58:35| Processing: http_access deny CONNECT !sslports 2013/09/24 16:58:35| Processing: request_body_max_size 0 KB 2013/09/24 16:58:35| Processing: delay_pools 1 2013/09/24 16:58:35| Processing: delay_class 1 2 2013/09/24 16:58:35| Processing: delay_parameters 1 -1/-1 -1/-1 2013/09/24 16:58:35| Processing: delay_initial_bucket_level 100 2013/09/24 16:58:35| Processing: delay_access 1 allow allsrc 2013/09/24 16:58:35| Processing: auth_param basic program /usr/pbi/squid-amd64/libexec/squid/basic_ldap_auth -v 3 -b dc=ntu0,dc=local -D cn=Administrator,cn=Users,dc=ntu0,dc=local -w XXXXXXXXXXX -f "sAMAccountName=%s" -u uid -P 192.168.0.3:389 2013/09/24 16:58:35| Processing: auth_param basic children 5 2013/09/24 16:58:35| Processing: auth_param basic realm Please enter your credentials to access the proxy 2013/09/24 16:58:35| Processing: auth_param basic credentialsttl 60 minutes 2013/09/24 16:58:35| Processing: acl password proxy_auth REQUIRED 2013/09/24 16:58:35| Processing: http_access allow password localnet 2013/09/24 16:58:35| Processing: http_access deny allsrc 2013/09/24 16:58:35| Initializing https proxy context
tail -f /var/squid/logs/*log
[2.1-RELEASE][root@medivh.ntu0]/root(7): tail -f /var/squid/logs/*log ==> /var/squid/logs/access.log <== ==> /var/squid/logs/cache.log <== 2013/09/24 15:16:28 kid1| Max Mem size: 131072 KB 2013/09/24 15:16:28 kid1| Max Swap size: 2097152 KB 2013/09/24 15:16:28 kid1| Rebuilding storage in /var/squid/cache (no log) 2013/09/24 15:16:28 kid1| Using Least Load store dir selection 2013/09/24 15:16:28 kid1| Current Directory is /usr/local/www 2013/09/24 15:16:28 kid1| Loaded Icons. 2013/09/24 15:16:28 kid1| HTCP Disabled. 2013/09/24 15:16:28 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted 2013/09/24 15:16:28 kid1| sendto FD 25: (1) Operation not permitted 2013/09/24 15:16:28 kid1| ipcCreate: CHILD: hello write test failed
Só uma pergunta: Os Browsers que você testou estão com o Proxy configurado?
Sim.
-
[2.1-RELEASE][root@medivh.ntu0]/root(1): squid -v Squid Cache: Version 3.3.8 configure options: '--with-default-user=squid' '--bindir=/usr/pbi/squid-amd64/sbin' '--sbindir=/usr/pbi/squid-amd64/sbin' '--datadir=/usr/pbi/squid-amd64/etc/squid' '--libexecdir=/usr/pbi/squid-amd64/libexec/squid' '--localstatedir=/var' '--sysconfdir=/usr/pbi/squid-amd64/etc/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid/squid.pid' '--with-swapdir=/var/squid/cache/squid' '--enable-auth' '--enable-build-info' '--enable-loadable-modules' '--enable-removal-policies=lru heap' '--disable-epoll' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-translation' '--enable-auth-basic=DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS fake getpwnam LDAP SASL NIS' '--enable-auth-digest=file' '--enable-external-acl-helpers=file_userip time_quota unix_group LDAP_group kerberos_ldap_group' '--enable-auth-negotiate=kerberos wrapper' '--enable-auth-ntlm=fake smb_lm' '--enable-storeio=diskd rock ufs aufs' '--enable-disk-io=AIO Blocking DiskDaemon IpcIo Mmapped DiskThreads' '--enable-log-daemon-helpers=file' '--enable-url-rewrite-helpers=fake' '--enable-delay-pools' '--enable-ssl' '--with-openssl=/usr' '--enable-ssl-crtd' '--enable-icmp' '--enable-htcp' '--disable-forw-via-db' '--enable-cache-digests' '--enable-wccp' '--enable-wccpv2' '--enable-eui' '--disable-ipfw-transparent' '--enable-pf-transparent' '--disable-ipf-transparent' '--enable-follow-x-forwarded-for' '--disable-ecap' '--enable-icap-client' '--disable-esi' '--enable-kqueue' '--with-large-files' '--prefix=/usr/pbi/squid-amd64' '--mandir=/usr/pbi/squid-amd64/man' '--infodir=/usr/pbi/squid-amd64/info/' '--build=amd64-portbld-freebsd8.3' 'build_alias=amd64-portbld-freebsd8.3' 'CC=cc' 'CFLAGS=-O2 -pipe -I/usr/pbi/squid-amd64/include -I/usr/pbi/squid-amd64/include -I/usr/include -DLDAP_DEPRECATED -fno-strict-aliasing' 'LDFLAGS= -L/usr/pbi/squid-amd64/lib -L/usr/pbi/squid-amd64/lib -pthread -Wl,-rpath=/usr/lib:/usr/pbi/squid-amd64/lib -L/usr/lib' 'CPPFLAGS=-I/usr/pbi/squid-amd64/include' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -I/usr/pbi/squid-amd64/include -I/usr/pbi/squid-amd64/include -I/usr/include -DLDAP_DEPRECATED -fno-strict-aliasing' 'CPP=cpp' --enable-ltdl-convenience
[2.1-RELEASE][root@medivh.ntu0]/root(2): ls -l /var/squid/ total 8 drwxr-xr-x 2 proxy proxy 512 Sep 24 14:54 acl drwxr-xr-x 18 proxy proxy 512 Sep 25 00:00 cache drwxr-xr-x 3 proxy proxy 512 Sep 24 14:54 lib drwxr-xr-x 2 proxy proxy 512 Sep 24 15:16 logs
Pergunto: O usuário do squid não deveria ser "proxy"? Se eu não me engano é proxy na versão 2 disponível no repositório!
-
só pra constar aqui.
fiz essa vm com o pfsense e instalei o pacote squid (2). configurei e funcionou ok! está funcionando!
nem configurei multiwan nela, estou fazendo passo por passo.
tirei um snapshot dessa vm e a partir dele fiz uma nova vm, onde desinstalei o squid(2) e instalei o squid3. As configurações do squid(2) fora reconhecidas pelo squid3, ou seja, em teoria era pra funcionar também, contudo não está funcionando nem com reza "braba" e água benta! não está aparecendo o prompt de autenticação no navegador (que está configurado!).@UnDr3aD:
Pergunto: O usuário do squid não deveria ser "proxy"? Se eu não me engano é proxy na versão 2 disponível no repositório!
verifiquei na outra vm e é isso mesmo, o squid(2) usa o usuário proxy, mas o squid3 usa o usuário squid! poderia ser algo relacionado a isso?
-
Subi um squid3 sem problemas aqui.
Já seguiu as orientações do outro post? -
Subi um squid3 sem problemas aqui.
Já seguiu as orientações do outro post?sim. tenho feito várias pesquisas e segui aquele seu post do squid3.
vou fazer o seguinte:
mais uma vez,vou criar uma vm (com o .ova do pfSense 2.0.3 do repositório) e instalar do zero com o squid3 e testar. -
pois é…..
fiz o seguinte:instalei o pfSense 2.0.3 (appliance)
instalei os patches lá do post do squid3 (das outras vezes tinha instalado depois do squid3)
instalei o squid3-dev
configurei o squid para autenticar no AD e, ...
funcionou!!!!!
Eeeentretando...
atualizei o pfSense para a versão atual (2.1) (das outras vezes tinha atualizado primeiro de tudo) e, ...
o prompt para autenticação do proxy no navegador volta a NÃO aparecer.
(interessante que acessa a internet ok, até mesmo faz o log de acessos do squid, mas não abre janela de autenticação!)Logo, infere-se que há algum coisa
magia negra, omg!entre o squid3 e a versão do pfSense 2.1 que não estão se dando bem!
Ideias???? -
Estou falando deste tópico:
@marcelloc:http://forum.pfsense.org/index.php/topic,62263.msg366962.html#msg366962
onde diz:
Veja se o squid está escutando na porta que você configurou. Se não estiver, habilite o ipv6, mate todos os processos do squid e em seguida salve as configurações para iniciar o daemon novamente. -
Estou falando deste tópico:
@marcelloc:http://forum.pfsense.org/index.php/topic,62263.msg366962.html#msg366962
onde diz:
Veja se o squid está escutando na porta que você configurou. Se não estiver, habilite o ipv6, mate todos os processos do squid e em seguida salve as configurações para iniciar o daemon novamente.veja:
[2.1-RELEASE][root@mercurio.ntu0]/root(3): tcpdump port 3128
…
15:16:31.077410 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524 15:16:31.077551 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524 15:16:31.077845 IP ntu-0124.ntu0.local.20613 > mercurio.ntu0.3128: Flags [.], ack 16400, win 16425, length 0 15:16:31.079652 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524 15:16:31.079787 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524 15:16:31.080041 IP ntu-0124.ntu0.local.20613 > mercurio.ntu0.3128: Flags [.], ack 17448, win 16163, length 0 15:16:31.082037 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 524 15:16:31.082218 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20613: Flags [P.], ack 844, win 513, length 90 15:16:31.082535 IP ntu-0124.ntu0.local.20613 > mercurio.ntu0.3128: Flags [.], ack 18062, win 16425, length 0 15:16:31.096214 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.096383 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.096531 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 71553, win 16425, length 0 15:16:31.098522 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.098667 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.098894 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 72601, win 16163, length 0 15:16:31.100853 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.100986 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.101234 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 73649, win 16425, length 0 15:16:31.103190 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.103324 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.103574 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 74697, win 16163, length 0 15:16:31.105527 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.105666 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.106023 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 75745, win 16425, length 0 15:16:31.107981 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.108107 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.108406 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 76793, win 16163, length 0 15:16:31.110194 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 524 15:16:31.110335 IP mercurio.ntu0.3128 > ntu-0124.ntu0.local.20606: Flags [P.], ack 1285, win 513, length 154 15:16:31.110807 IP ntu-0124.ntu0.local.20606 > mercurio.ntu0.3128: Flags [.], ack 77995, win 16425, length 0 ^C 344 packets captured 560 packets received by filter 0 packets dropped by kernel
nas outras VM's eu tinha esquecido de ativar o IPv6, contudo nessa VM foi uma das primeiras coisas que eu fiz (e esqueci de colocar na resposta de cima)
pelo resultado acima acho que está ouvindo a porta sim. ainda assim devo matar os processos e salvar as configurações? (você disse pra fazer isso somente no caso de a porta não estar sendo ouvida.)
-
Se tem trafego na porta, então sim, os squid está rodando.
O que não bate com um dos primeiros logs que você mandou
returned exit code '1', the output was 'squid: ERROR: No running copy'
Se nesta última vm o squid está no ar sem morrer(veja o cache.log) o proximo passo é verificar as acls do squid.
-
Se tem trafego na porta, então sim, os squid está rodando.
O que não bate com um dos primeiros logs que você mandou
returned exit code '1', the output was 'squid: ERROR: No running copy'
Se nesta última vm o squid está no ar sem morrer(veja o cache.log) o proximo passo é verificar as acls do squid.
pois é… aí que está...
mesmo nessa nova VM, o resultado co comando grep -i squid /var/log/system.log é:
Sep 25 15:18:04 pfSense php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:18:04 pfSense php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:19:01 pfSense php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:19:02 pfSense php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:19:02 pfSense php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:19:02 pfSense php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:19:03 pfSense php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:19:04 pfSense php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 12:22:37 mercurio php: : [Squid] - Squid_resync function call pr: bp:1 rpc:no Sep 25 12:22:39 mercurio php: : Starting Squid Sep 25 12:22:39 mercurio squid[52687]: Squid Parent: will start 1 kids Sep 25 12:22:39 mercurio squid[52687]: Squid Parent: (squid-1) process 53140 started Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : Not calling package sync code for dependency squidreverse of squid3-dev because some include files are missing. Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:22:40 mercurio php: : [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:26:24 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 12:26:25 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 12:26:25 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 12:26:26 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 12:28:23 mercurio php: /pkg_edit.php: Creating squid cache subdirs in /var/squid/cache Sep 25 12:28:28 mercurio squid[52687]: Squid Parent: (squid-1) process 53140 exited with status 0 Sep 25 12:28:28 mercurio php: /pkg_edit.php: The command '/usr/local/sbin/squid -k kill -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 12:28:28 mercurio squid[24643]: Squid Parent: will start 1 kids Sep 25 12:28:28 mercurio squid[24643]: Squid Parent: (squid-1) process 25094 started Sep 25 12:28:28 mercurio squid[24643]: Squid Parent: (squid-1) process 25094 exited with status 0 Sep 25 12:28:28 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr: bp: rpc:no Sep 25 12:28:29 mercurio php: /pkg_edit.php: Creating squid cache subdirs in /var/squid/cache Sep 25 12:28:34 mercurio php: /pkg_edit.php: The command '/usr/local/sbin/squid -k kill -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 12:28:34 mercurio squid[28482]: Squid Parent: will start 1 kids Sep 25 12:28:34 mercurio squid[28482]: Squid Parent: (squid-1) process 28915 started Sep 25 12:28:38 mercurio squid[28482]: Squid Parent: (squid-1) process 28915 exited with status 0 Sep 25 12:28:38 mercurio php: /pkg_edit.php: Starting Squid Sep 25 12:28:38 mercurio squid[29299]: Squid Parent: will start 1 kids Sep 25 12:28:38 mercurio squid[29299]: Squid Parent: (squid-1) process 29601 started Sep 25 12:38:27 mercurio php: rc.bootup: List of packages to reinstall: squid3-dev Sep 25 12:38:27 mercurio php: rc.bootup: Uninstalling package squid3-dev Sep 25 12:38:41 mercurio php: rc.bootup: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: No running copy' Sep 25 12:38:41 mercurio php: rc.bootup: PBI dir for squid-3.3.8-amd64 was not found - cannot cleanup PBI files Sep 25 12:38:42 mercurio php: rc.bootup: Finished uninstalling package squid3-dev Sep 25 12:38:42 mercurio php: rc.bootup: Reinstalling package squid3-dev Sep 25 12:38:43 mercurio php: rc.bootup: Beginning package installation for squid3-dev . Sep 25 12:41:14 mercurio php: rc.bootup: Starting Squid Sep 25 12:41:14 mercurio squid[69152]: Squid Parent: will start 1 kids Sep 25 12:41:14 mercurio squid[69152]: Squid Parent: (squid-1) process 69410 started Sep 25 12:41:14 mercurio php: rc.bootup: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:15 mercurio php: rc.bootup: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:15 mercurio php: rc.bootup: Finished installing package squid3-dev Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: Not calling package sync code for dependency squidreverse of squid3-dev because some include files are missing. Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:16 mercurio php: rc.start_packages: [Squid] - Squid_resync function call pr:1 bp:1 rpc:no Sep 25 12:41:23 mercurio squid[90544]: Squid Parent: will start 1 kids Sep 25 12:41:23 mercurio squid[90544]: Squid Parent: (squid-1) process 90664 started Sep 25 15:44:41 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:44:42 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:44:42 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:45:25 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:45:25 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:45:25 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:45:53 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:45:54 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:45:54 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:46:38 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:46:39 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:46:39 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:47:45 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:47:46 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:47:46 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:47:46 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:47:47 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:47:47 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:48:21 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:48:22 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:48:22 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:48:22 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:48:23 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:48:23 mercurio squid: Bungled /usr/pbi/squid-amd64/etc/squid/squid.conf line 94: http_access allow password localnet Sep 25 15:48:23 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was '2013/09/25 15:48:23| aclParseAclList: ACL name 'localnet' not found. FATAL: Bungled /usr/pbi/squid-amd64/etc/squid/squid.conf line 94: http_access allow password localnet Squid Cache (Version 3.3.8): Terminated abnormally. CPU Usage: 0.034 seconds = 0.034 user + 0.000 sys Maximum Resident Size: 39424 KB Page faults with physical i/o: 0' Sep 25 15:48:44 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:48:45 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:48:45 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:48:51 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:48:51 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:48:51 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy' Sep 25 15:48:52 mercurio php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no Sep 25 15:48:52 mercurio php: /pkg_edit.php: Reloading Squid for configuration sync Sep 25 15:48:53 mercurio php: /pkg_edit.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
O tcpdump port 3128 continua dando o mesmo resultado acima (ou seja, passando trafego)
*tail -f /var/log/squid/log retorna:
==> /var/log/squid/access.log <== 1380134995.023 3110 192.168.0.108 TCP_MISS/304 377 GET http://pudim.com.br/ - HIER_DIRECT/200.219.245.95 - 1380134995.424 232 192.168.0.108 TCP_MISS/200 546 GET http://www.google-analytics.com/__utm.gif? - HIER_DIRECT/74.125.234.102 image/gif 1380135000.745 518 192.168.0.108 TCP_MISS/301 485 GET http://facebook.com/ - HIER_DIRECT/173.252.110.27 text/html 1380135001.233 483 192.168.0.108 TCP_MISS/301 542 GET http://www.facebook.com/ - HIER_DIRECT/31.13.73.33 text/html 1380135002.252 712 192.168.0.108 TCP_MISS/200 2327 POST http://ocsp.verisign.com/ - HIER_DIRECT/199.7.71.72 application/ocsp-response 1380135007.675 5066 192.168.0.108 TCP_MISS/200 24230 CONNECT fbstatic-a.akamaihd.net:443 - HIER_DIRECT/205.185.204.42 - 1380135007.678 8254 192.168.0.108 TCP_MISS/200 3772 CONNECT api.duckduckgo.com:443 - HIER_DIRECT/107.21.1.80 - 1380135007.680 6438 192.168.0.108 TCP_MISS/200 19163 CONNECT www.facebook.com:443 - HIER_DIRECT/31.13.73.33 - 1380135007.681 62532 192.168.0.108 TCP_MISS/200 4331 CONNECT www.google.com:443 - HIER_DIRECT/74.125.234.147 - 1380135007.682 7558 192.168.0.108 TCP_MISS/200 4649 CONNECT i.duckduckgo.com:443 - HIER_DIRECT/184.72.115.86 - ==> /var/log/squid/cache.log <== 2013/09/25 12:41:24 kid1| storeLateRelease: released 0 objects 2013/09/25 13:37:15 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state 2013/09/25 13:37:15 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state 2013/09/25 13:37:15 kid1| NETDB state saved; 8 entries, 0 msec 2013/09/25 14:31:23 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state 2013/09/25 14:31:23 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state 2013/09/25 14:31:23 kid1| NETDB state saved; 8 entries, 0 msec 2013/09/25 15:26:44 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state 2013/09/25 15:26:44 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state 2013/09/25 15:26:44 kid1| NETDB state saved; 9 entries, 0 msec
e só pra completar as informações estou mandando também squid -k parse:
2013/09/25 15:54:59| Startup: Initializing Authentication Schemes ... 2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'basic' 2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'digest' 2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'negotiate' 2013/09/25 15:54:59| Startup: Initialized Authentication Scheme 'ntlm' 2013/09/25 15:54:59| Startup: Initialized Authentication. 2013/09/25 15:54:59| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0) 2013/09/25 15:54:59| Processing: http_port 192.168.0.52:3128 2013/09/25 15:54:59| Processing: icp_port 7 2013/09/25 15:54:59| Processing: dns_v4_first on 2013/09/25 15:54:59| Processing: pid_filename /var/run/squid.pid 2013/09/25 15:54:59| Processing: cache_effective_user proxy 2013/09/25 15:54:59| Processing: cache_effective_group proxy 2013/09/25 15:54:59| Processing: error_default_language en 2013/09/25 15:54:59| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons 2013/09/25 15:54:59| Processing: visible_hostname localhost 2013/09/25 15:54:59| Processing: cache_mgr admin@localhost 2013/09/25 15:54:59| Processing: access_log /var/squid/logs/access.log 2013/09/25 15:54:59| Processing: cache_log /var/squid/logs/cache.log 2013/09/25 15:54:59| Processing: cache_store_log none 2013/09/25 15:54:59| Processing: logfile_rotate 0 2013/09/25 15:54:59| Processing: shutdown_lifetime 3 seconds 2013/09/25 15:54:59| Processing: httpd_suppress_version_string on 2013/09/25 15:54:59| Processing: uri_whitespace strip 2013/09/25 15:54:59| Processing: acl dynamic urlpath_regex cgi-bin \? 2013/09/25 15:54:59| Processing: cache deny dynamic 2013/09/25 15:54:59| Processing: cache_mem 8 MB 2013/09/25 15:54:59| Processing: maximum_object_size_in_memory 32 KB 2013/09/25 15:54:59| Processing: memory_replacement_policy heap GDSF 2013/09/25 15:54:59| Processing: cache_replacement_policy heap LFUDA 2013/09/25 15:54:59| Processing: cache_dir ufs /var/squid/cache 2048 16 256 2013/09/25 15:54:59| Processing: minimum_object_size 0 KB 2013/09/25 15:54:59| Processing: maximum_object_size 400 KB 2013/09/25 15:54:59| Processing: offline_mode off 2013/09/25 15:54:59| Processing: cache_swap_low 90 2013/09/25 15:54:59| Processing: cache_swap_high 95 2013/09/25 15:54:59| Processing: cache allow all 2013/09/25 15:54:59| Processing: acl allsrc src all 2013/09/25 15:54:59| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 3127 1025-65535 2013/09/25 15:54:59| Processing: acl sslports port 443 563 2013/09/25 15:54:59| Processing: acl purge method PURGE 2013/09/25 15:54:59| Processing: acl connect method CONNECT 2013/09/25 15:54:59| Processing: acl HTTP proto HTTP 2013/09/25 15:54:59| Processing: acl HTTPS proto HTTPS 2013/09/25 15:54:59| Processing: acl allowed_subnets src 192.168.0.0/24 2013/09/25 15:54:59| Processing: acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl" 2013/09/25 15:54:59| Processing: http_access allow manager localhost 2013/09/25 15:54:59| Processing: http_access deny manager 2013/09/25 15:54:59| Processing: http_access allow purge localhost 2013/09/25 15:54:59| Processing: http_access deny purge 2013/09/25 15:54:59| Processing: http_access deny !safeports 2013/09/25 15:54:59| Processing: http_access deny CONNECT !sslports 2013/09/25 15:54:59| Processing: request_body_max_size 0 KB 2013/09/25 15:54:59| Processing: delay_pools 1 2013/09/25 15:54:59| Processing: delay_class 1 2 2013/09/25 15:54:59| Processing: delay_parameters 1 -1/-1 -1/-1 2013/09/25 15:54:59| Processing: delay_initial_bucket_level 100 2013/09/25 15:54:59| Processing: delay_access 1 allow allsrc 2013/09/25 15:54:59| Processing: http_access deny blacklist 2013/09/25 15:54:59| Processing: auth_param basic program /usr/pbi/squid-amd64/libexec/squid/basic_ldap_auth -v 3 -b dc=ntu0,dc=local -D cn=Administrator,cn=Users,dc=ntu0,dc=local -w XXXXXXXXXXXXX -f "sAMAccountName=%s" -u uid -P 192.168.0.3:389 2013/09/25 15:54:59| Processing: auth_param basic children 5 2013/09/25 15:54:59| Processing: auth_param basic realm Please enter your credentials to access the proxy 2013/09/25 15:54:59| Processing: auth_param basic credentialsttl 60 minutes 2013/09/25 15:54:59| Processing: acl password proxy_auth REQUIRED 2013/09/25 15:54:59| Processing: http_access allow password allowed_subnets 2013/09/25 15:54:59| Processing: http_access deny allsrc 2013/09/25 15:54:59| Initializing https proxy context
mil tretas mano!
-
E o cache.log?
-
E o cache.log?
já tem o cache.log acima!
@UnDr3aD:
*tail -f /var/log/squid/log retorna:
==> /var/log/squid/cache.log <== 2013/09/25 12:41:24 kid1| storeLateRelease: released 0 objects 2013/09/25 13:37:15 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state 2013/09/25 13:37:15 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state 2013/09/25 13:37:15 kid1| NETDB state saved; 8 entries, 0 msec 2013/09/25 14:31:23 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state 2013/09/25 14:31:23 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state 2013/09/25 14:31:23 kid1| NETDB state saved; 8 entries, 0 msec 2013/09/25 15:26:44 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state 2013/09/25 15:26:44 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state 2013/09/25 15:26:44 kid1| NETDB state saved; 9 entries, 0 msec
ou tem outro log de cache em outro lugar???
-
continuando…!
as acl do squid parecem não estar funcionando também! não estou conseguindo bloquear nada!
-
Olá…Eu uso MultWan e Squid autenticado "transparente" por NTLM.....e aqui esta funcionando...
Você criou a regra de floating?
Lá em Custom você colocou o tcp_outgoing_address?Não sei se pode ser isso...masss....