• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Squid on 2.1 amd64 not working or I'm retarded

Scheduled Pinned Locked Moved pfSense Packages
6 Posts 2 Posters 1.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    p0ddie
    last edited by Dec 3, 2013, 5:40 PM

    Hi,

    not the first time I install squid on pfsense. First time it fails, however.

    I have an Atom appliance here with freshly installed 4g nanobsd pfsense 2.1 and I tried with the squid 2 and squid 3 package. I basically install the package, wait for it to finish, then go to "proxy server" in the gui, enable the server, select my LAN port, give squid a port to listen to  (tried 8228 and 3128), allow users on interface is checked and for good measure I also entered my subnet into the allowed subnets under ACL (tried without, too). Save everything.

    I set up a browser to use the proxy, nothing loads. I try telnet <ip of="" proxy=""><3128/8228> and I don't get a telnet connect (not sure if this will work anyway).

    I also completely uninstalled and reinstalled the squid package (both squid2 and 3)
    Did I forget anything?

    I will have to turn on logs for squid - is there any path to have them go to ram (I only have a 4gb cf card in this pfsense box).

    Sorry for the noobish approach here, but I think there's a problem at the very start of all of this.

    Thanks!</ip>

    1 Reply Last reply Reply Quote 0
    • N
      Nachtfalke
      last edited by Dec 3, 2013, 7:06 PM

      Hi,

      not sure if squid works nanobsd so please try to change disk cache from (a)ufs to "null" to disable caching on HDD/CF.

      Then make sure - for testing - you set an "any to any" firewall rule on your LAN interface - for testing.
      Then you can try with "transparent proxy" first an check if browsing the web using http websites will work.
      If it works you can disable "transparent proxy" and add the proxy to your browser and test again.

      Further you should enable logging on the firewall rule which loggs the packets from your client to pfsense/proxy/WAN

      1 Reply Last reply Reply Quote 0
      • P
        p0ddie
        last edited by Dec 4, 2013, 10:43 AM

        Hi,

        I think I forgot the firewall rule  ::)  :o

        Anyway, for some reason squidguard will not start, it keeps being "stopped". When I completely uninstall squid and squidguard, reboot, then install again, all my old settings are still there.

        How can I delete all settings from squid so I can start over with installing and configuring? /usr/local/pkg had no squid related files I could see…

        thanks again!

        1 Reply Last reply Reply Quote 0
        • N
          Nachtfalke
          last edited by Dec 4, 2013, 3:39 PM

          On squid3 squidguard only starts when needed. If there are no connections then squidguard is stopped.

          To delete config have a look at the backup config.xml and delete the squidguard part in the packages section.

          Or try:
          /conf/config.xml

          1 Reply Last reply Reply Quote 0
          • P
            p0ddie
            last edited by Dec 5, 2013, 8:00 PM

            Thanks a lot for your help so far. I installed another pfsense box today (also nanobsd but i386) and has similar problems. Got tired, installed pfsense full on a ssd that was supposed to go into the system anyway and voila, everything worked as a charm.

            Upon researching, I found out that the main problem with squidguard seems to be the blacklist - it's too large to fit into wherever (/var or /tmp) it is being copied, so it gets truncated and thus squidguard freaks out.

            I'll see if I can make these locations bigger, or I'll just write off the cf card as "not suitable for pfsense as a proxy" and use a small ssd.

            1 Reply Last reply Reply Quote 0
            • N
              Nachtfalke
              last edited by Dec 5, 2013, 10:32 PM

              As far as I know unser system - advanced there is the possibility to change these locations, isn't it? I am not sure at all.

              1 Reply Last reply Reply Quote 0
              5 out of 6
              • First post
                5/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received