Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] squid3-dev (3.3.10 pkg 2.2) + Clamav Antivirus won't start

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    23 Posts 6 Posters 43.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E Offline
      eduardogoncalves
      last edited by

      Hi,
      with "HTTPS/SSL interception" disabled I can start squid and everything works.

      But on reboot squid still hangs on boot "pw: no such user 'clamav", though it's running (all services start automatically)…

      
[2.1-RELEASE][admin@pfSense.novanis.srv.br]/root(199): squid -NsXY
2014/03/07 10:47:10.008| debug.cc(424) parseOptions: command-line -X overrides: ALL,7
2014/03/07 10:47:10.008| cache_manager.cc(102) registerProfile: registering legacy mem
2014/03/07 10:47:10.008| cache_manager.cc(87) registerProfile: registered profile: mem
2014/03/07 10:47:10.008| cache_manager.cc(102) registerProfile: registering legacy squidaio_counts
2014/03/07 10:47:10.008| cache_manager.cc(87) registerProfile: registered profile: squidaio_counts
2014/03/07 10:47:10.008| cache_manager.cc(87) registerProfile: registered profile: diskd
2014/03/07 10:47:10.008| rock/RockStoreFileSystem.cc(44) setup: Will use Rock FS
2014/03/07 10:47:10.008| Startup: Initializing Authentication Schemes ...
2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'basic'
2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'digest'
2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'negotiate'
2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'ntlm'
2014/03/07 10:47:10.008| Startup: Initialized Authentication.
2014/03/07 10:47:10.008| tools.cc(69) ProbeTransport: Detected IPv6 hybrid or v4-mapping stack...
2014/03/07 10:47:10.008| tools.cc(83) ProbeTransport: IPv6 transport Enabled
2014/03/07 10:47:10.008| Config.cc(39) registerTokens:  register format tokens for 'adapt'
2014/03/07 10:47:10.008| Config.cc(39) registerTokens:  register format tokens for 'icap'
2014/03/07 10:47:10.009| Config.cc(39) registerTokens:  register format tokens for 'ssl'
2014/03/07 10:47:10.009| cache_cf.cc(609) parseConfigFile:
2014/03/07 10:47:10.009| cf_parser.cci(3203) free_all:
2014/03/07 10:47:10.009| Gadgets.cc(245) aclDestroyAcls: aclDestroyACLs: invoked
2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certHasExpired'
2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certHasExpired'
2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b074d0
2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certNotYetValid'
2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certNotYetValid'
2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b074f0
2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certDomainMismatch'
2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certDomainMismatch'
2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07510
2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certUntrusted'
2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certUntrusted'
2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07530
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07550
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07570
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07590
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b075b0
2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b075d0
2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certSelfSigned'
2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certSelfSigned'
2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
2014/03/07 10:47:10.010| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b075f0
2014/03/07 10:47:10.010| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
2014/03/07 10:47:10.010| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.010| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.010| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'all'
2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
2014/03/07 10:47:10.010| Ip.cc(260) FactoryParse: aclIpParseIpData: all
2014/03/07 10:47:10.010| Ip.cc(264) FactoryParse: aclIpParseIpData: magic 'all' found.
2014/03/07 10:47:10.010| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type url_regex
2014/03/07 10:47:10.010| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.010| Acl.cc(61) FindByName: ACL::FindByName 'manager'
2014/03/07 10:47:10.010| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'manager'
2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'url_regex'
2014/03/07 10:47:10.010| RegexData.cc(323) aclParseRegexList: aclParseRegexList: new Regex line or file
2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '-i'
2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '^cache_object://'
2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '+i'
2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '^https?://[^/]+/squid-internal-mgr/'
2014/03/07 10:47:10.010| RegexData.cc(214) compileOptimisedREs: compileOptimisedREs: -i
2014/03/07 10:47:10.010| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE '^cache_object://'
2014/03/07 10:47:10.010| RegexData.cc(228) compileOptimisedREs: compileOptimisedREs: +i
2014/03/07 10:47:10.010| RegexData.cc(173) compileRE: compileRE: compiled '(^cache_object://)' with flags 7
2014/03/07 10:47:10.010| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE '^https?://[^/]+/squid-internal-mgr/'
2014/03/07 10:47:10.010| RegexData.cc(173) compileRE: compileRE: compiled '(^https?://[^/]+/squid-internal-mgr/)' with flags 5
2014/03/07 10:47:10.010| RegexData.cc(281) compileOptimisedREs: compileOptimisedREs: 2 REs are optimised into one RE.
2014/03/07 10:47:10.010| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
2014/03/07 10:47:10.010| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.010| Acl.cc(61) FindByName: ACL::FindByName 'localhost'
2014/03/07 10:47:10.010| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'localhost'
2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
2014/03/07 10:47:10.010| Ip.cc(260) FactoryParse: aclIpParseIpData: 127.0.0.1/32
2014/03/07 10:47:10.010| Ip.cc(368) FactoryParse: aclIpParseIpData: '127.0.0.1/32' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
2014/03/07 10:47:10.011| Ip.cc(500) FactoryParse: Parsed: 127.0.0.1-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff](/128)
2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: ::1
2014/03/07 10:47:10.011| Ip.cc(405) FactoryParse: aclIpParseIpData: Lookup Host/IP ::1
2014/03/07 10:47:10.011| Ip.cc(439) FactoryParse: aclIpParseIpData: Located host/IP: '[::1]'
2014/03/07 10:47:10.011| Ip.cc(446) FactoryParse: ::1 --> [::1]
2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 127.0.0.1/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] (127.0.0.1)  vs [::1]-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: [::1]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] ([::1])  vs 127.0.0.1-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
2014/03/07 10:47:10.011| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type dst
2014/03/07 10:47:10.011| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.011| Acl.cc(61) FindByName: ACL::FindByName 'to_localhost'
2014/03/07 10:47:10.011| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.011| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'to_localhost'
2014/03/07 10:47:10.011| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'dst'
2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: 127.0.0.0/8
2014/03/07 10:47:10.011| Ip.cc(368) FactoryParse: aclIpParseIpData: '127.0.0.0/8' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
2014/03/07 10:47:10.011| Ip.cc(500) FactoryParse: Parsed: 127.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ff00:0](/104)
2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: 0.0.0.0/32
2014/03/07 10:47:10.011| Ip.cc(368) FactoryParse: aclIpParseIpData: '0.0.0.0/32' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
2014/03/07 10:47:10.011| Ip.cc(500) FactoryParse: Parsed: 0.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff](/128)
2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 127.0.0.0/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] (127.0.0.0)  vs 0.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 0.0.0.0/[ffff:ffff:ffff:ffff:ffff:ffff:ff00:0] (0.0.0.0)  vs 127.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ff00:0]
2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: ::1
2014/03/07 10:47:10.011| Ip.cc(405) FactoryParse: aclIpParseIpData: Lookup Host/IP ::1
2014/03/07 10:47:10.011| Ip.cc(439) FactoryParse: aclIpParseIpData: Located host/IP: '[::1]'
2014/03/07 10:47:10.011| Ip.cc(446) FactoryParse: ::1 --> [::1]
2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 0.0.0.0/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] (0.0.0.0)  vs [::1]-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: [::1]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] ([::1])  vs 0.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
2014/03/07 10:47:10.011| Processing Configuration File: /usr/pbi/squid-i386/etc/squid/squid.conf (depth 0)
2014/03/07 10:47:10.012| cache_cf.cc(557) parseOneConfigFile: Processing: http_port 10.1.1.1:3128
2014/03/07 10:47:10.012| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b66210
2014/03/07 10:47:10.012| cache_cf.cc(3551) parsePortSpecification: http_port: Listen on Host/IP: 10.1.1.1 --> 10.1.1.1:3128
2014/03/07 10:47:10.012| cbdata.cc(419) cbdataInternalLock: cbdataLock: 0x28b66210=1
2014/03/07 10:47:10.012| cache_cf.cc(557) parseOneConfigFile: Processing: http_port 127.0.0.1:3128 intercept
2014/03/07 10:47:10.012| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b66310
2014/03/07 10:47:10.012| cache_cf.cc(3551) parsePortSpecification: http_port: Listen on Host/IP: 127.0.0.1 --> 127.0.0.1:3128
2014/03/07 10:47:10.012| Starting Authentication on port 127.0.0.1:3128
2014/03/07 10:47:10.012| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2014/03/07 10:47:10.012| Disabling IPv6 on port 127.0.0.1:3128 (interception enabled)
2014/03/07 10:47:10.013| cbdata.cc(419) cbdataInternalLock: cbdataLock: 0x28b66310=1
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: icp_port 7
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: dns_v4_first off
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: pid_filename /var/run/squid.pid
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_effective_user proxy
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_effective_group proxy
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: error_default_language en
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: icon_directory /usr/pbi/squid-i386/etc/squid/icons
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: visible_hostname localhost
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_mgr admin@localhost
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: access_log /dev/null
2014/03/07 10:47:10.013| cache_cf.cc(4042) parse_access_log: Log definition name 'squid' file '/dev/null'
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_log /var/squid/logs/cache.log
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_store_log none
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: logfile_rotate 0
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: shutdown_lifetime 3 seconds
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: acl localnet src  10.1.1.0/24
2014/03/07 10:47:10.013| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
2014/03/07 10:47:10.013| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.013| Acl.cc(61) FindByName: ACL::FindByName 'localnet'
2014/03/07 10:47:10.013| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.013| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'localnet'
2014/03/07 10:47:10.013| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
2014/03/07 10:47:10.013| Ip.cc(260) FactoryParse: aclIpParseIpData: 10.1.1.0/24
2014/03/07 10:47:10.013| Ip.cc(368) FactoryParse: aclIpParseIpData: '10.1.1.0/24' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
2014/03/07 10:47:10.013| Ip.cc(500) FactoryParse: Parsed: 10.1.1.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00](/120)
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: uri_whitespace strip
2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: acl dynamic urlpath_regex cgi-bin \?
2014/03/07 10:47:10.013| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type urlpath_regex
2014/03/07 10:47:10.013| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.013| Acl.cc(61) FindByName: ACL::FindByName 'dynamic'
2014/03/07 10:47:10.014| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.014| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'dynamic'
2014/03/07 10:47:10.014| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'urlpath_regex'
2014/03/07 10:47:10.014| RegexData.cc(323) aclParseRegexList: aclParseRegexList: new Regex line or file
2014/03/07 10:47:10.014| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE 'cgi-bin'
2014/03/07 10:47:10.014| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '\?'
2014/03/07 10:47:10.014| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE 'cgi-bin'
2014/03/07 10:47:10.014| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE '\?'
2014/03/07 10:47:10.014| RegexData.cc(173) compileRE: compileRE: compiled '(cgi-bin)|(\?)' with flags 5
2014/03/07 10:47:10.014| RegexData.cc(281) compileOptimisedREs: compileOptimisedREs: 2 REs are optimised into one RE.
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache deny dynamic
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64440
2014/03/07 10:47:10.014| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'dynamic'
2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'dynamic'
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache_mem 8 MB
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: maximum_object_size_in_memory 32 KB
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: memory_replacement_policy heap GDSF
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache_replacement_policy heap LFUDA
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: minimum_object_size 0 KB
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: maximum_object_size 10 KB
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: offline_mode off
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache allow all
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b644a0
2014/03/07 10:47:10.014| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: acl allsrc src all
2014/03/07 10:47:10.014| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
2014/03/07 10:47:10.014| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'allsrc'
2014/03/07 10:47:10.014| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.014| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'allsrc'
2014/03/07 10:47:10.014| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
2014/03/07 10:47:10.014| Ip.cc(260) FactoryParse: aclIpParseIpData: all
2014/03/07 10:47:10.014| Ip.cc(264) FactoryParse: aclIpParseIpData: magic 'all' found.
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3127 1025-65535
2014/03/07 10:47:10.014| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type port
2014/03/07 10:47:10.014| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'safeports'
2014/03/07 10:47:10.014| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.014| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'safeports'
2014/03/07 10:47:10.014| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'port'
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b077b0
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07830
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07850
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07870
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07890
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b078b0
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b078d0
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b078f0
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07910
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07930
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07950
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07970
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07990
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b079b0
2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b079d0
2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: acl sslports port 443 563
2014/03/07 10:47:10.014| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type port
2014/03/07 10:47:10.014| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'sslports'
2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'sslports'
2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'port'
2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07a30
2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07a50
2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl purge method PURGE
2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type method
2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'purge'
2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'purge'
2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'method'
2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64530
2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl connect method CONNECT
2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type method
2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'connect'
2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'connect'
2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'method'
2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64560
2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl HTTP proto HTTP
2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type proto
2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'HTTP'
2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'HTTP'
2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'proto'
2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07b10
2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl HTTPS proto HTTPS
2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type proto
2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'HTTPS'
2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'HTTPS'
2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'proto'
2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07b50
2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type dstdom_regex
2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'blacklist'
2014/03/07 10:47:10.016| Acl.cc(67) FindByName: ACL::FindByName found no match
2014/03/07 10:47:10.016| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'blacklist'
2014/03/07 10:47:10.016| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'dstdom_regex'
2014/03/07 10:47:10.016| RegexData.cc(323) aclParseRegexList: aclParseRegexList: new Regex line or file
2014/03/07 10:47:10.016| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '-i'
2014/03/07 10:47:10.016| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE 'facebook.com'
2014/03/07 10:47:10.016| RegexData.cc(214) compileOptimisedREs: compileOptimisedREs: -i
2014/03/07 10:47:10.016| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE 'facebook.com'
2014/03/07 10:47:10.016| RegexData.cc(173) compileRE: compileRE: compiled '(facebook.com)' with flags 7
2014/03/07 10:47:10.016| RegexData.cc(281) compileOptimisedREs: compileOptimisedREs: 1 REs are optimised into one RE.
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access allow manager localhost
2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64590
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'manager'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'manager'
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'localhost'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'localhost'
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny manager
2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64500
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'manager'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'manager'
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access allow purge localhost
2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64620
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'purge'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'purge'
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'localhost'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'localhost'
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny purge
2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b645f0
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'purge'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'purge'
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny !safeports
2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64680
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'safeports'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'safeports'
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny CONNECT !sslports
2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b646e0
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'CONNECT'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'CONNECT'
2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'sslports'
2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'sslports'
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: request_body_max_size 0 KB
2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: delay_pools 1
2014/03/07 10:47:10.017| event.cc(346) schedule: schedule: Adding 'DelayPools::Update', in 1.00 seconds
2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_class 1 2
2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_parameters 1 -1/-1 -1/-1
2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_initial_bucket_level 100
2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_access 1 allow allsrc
2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b646b0
2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'allsrc'
2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'allsrc'
2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny blacklist
2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64740
2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'blacklist'
2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'blacklist'
2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: http_access allow localnet
2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64770
2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'localnet'
2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'localnet'
2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny allsrc
2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b647a0
2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'allsrc'
2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'allsrc'
2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: icap_enable on
2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: icap_send_client_ip on
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_send_client_username on
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_client_username_encode off
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_client_username_header X-Authenticated-User
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_preview_enable on
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_preview_size 1024
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
2014/03/07 10:47:10.019| ServiceConfig.cc(174) grokUri: /usr/pbi/squid-i386/etc/squid/squid.conf:103: service protocol is icap
2014/03/07 10:47:10.019| ServiceConfig.cc(148) parse: /usr/pbi/squid-i386/etc/squid/squid.conf:103: adaptation_service service_req REQMOD_PRECACHE 00 icap://127.0.0.1:1344/squidclamav
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
2014/03/07 10:47:10.019| ServiceConfig.cc(174) grokUri: /usr/pbi/squid-i386/etc/squid/squid.conf:104: service protocol is icap
2014/03/07 10:47:10.019| ServiceConfig.cc(148) parse: /usr/pbi/squid-i386/etc/squid/squid.conf:104: adaptation_service service_resp RESPMOD_PRECACHE 00 icap://127.0.0.1:1344/squidclamav
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: adaptation_access service_req allow all
2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64a10
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: adaptation_access service_resp allow all
2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64aa0
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b649b0
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.019| wccp2.cc(533) wccp2_add_service_list: wccp2_add_service_list: added service id 0
2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64b00
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'ssl::certUntrusted'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certUntrusted'
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'ssl::certSelfSigned'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certSelfSigned'
2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
2014/03/07 10:47:10.020| tools.cc(585) uniqueHostname:  Config: '
2014/03/07 10:47:10.020| tools.cc(585) uniqueHostname:  Config: '
2014/03/07 10:47:10.020| Initializing https proxy context
2014/03/07 10:47:10.021| support.cc(1000) sslCreateClientContext: Using SSLv2/SSLv3.
2014/03/07 10:47:10.021| support.cc(1052) sslCreateClientContext: Setting RSA key generation callback.
2014/03/07 10:47:10.021| support.cc(1059) sslCreateClientContext: Setting certificate verification callback.
2014/03/07 10:47:10.021| support.cc(1063) sslCreateClientContext: Setting CA certificate locations.
2014/03/07 10:47:10.021| tools.cc(597) leave_suid: leave_suid: PID 5747 called
2014/03/07 10:47:10.021| tools.cc(619) leave_suid: leave_suid: PID 5747 giving up root, becoming 'proxy'
2014/03/07 10:47:10.021| debug.cc(424) parseOptions: command-line -X overrides: ALL,1
      1 Reply Last reply Reply Quote 0
      • E Offline
        exograpix
        last edited by

        Neither squidguard nor antivirus start at the start up, I have to login and manually save squid setting, than voila it works, please see my log of startup and after I click save in squid.

        error1.txt

        1 Reply Last reply Reply Quote 0
        • U Offline
          usabug
          last edited by

          Can anyone please inform me why when i enable the antivirus then i cannot serf the web ?

          The following error appears :

          ==========quote============

          ERROR in the browser
          The following error was encountered while trying to retrieve the URL:
          http://google.com
              ICAP protocol error.

          The system returned: [No Error]

          This means that some aspect of the ICAP communication failed.

          Some possible problems are:

          *

          The ICAP server is not reachable.
              *

          An Illegal response was received from the ICAP server.

          ==================unquote =====================

          If i run the client to the console

          /usr/local/bin/c-icap-client
          ICAP server:localhost, ip:127.0.0.1, port:1344

          OPTIONS:
                  Allow 204: Yes
                  Preview: 1024
                  Keep alive: Yes

          ICAP HEADERS:
                  ICAP/1.0 200 OK:
                  Methods:RESPMOD, REQMOD
                  Service:C-ICAP/0.2.5 server - Echo demo service
                  ISTag:CI0001-XXXXXXXXX
                  Transfer-Preview:*
                  Options-TTL:3600
                  Date:Tue, 11 Mar 2014 13:54:59 GMT
                  Preview:1024
                  Allow:204
                  X-Include:X-Authenticated-User, X-Authenticated-Groups
                  Encapsulated:null-body=0

          and all the services seems that are running .

          I look forward for your responses .

          1 Reply Last reply Reply Quote 0
          • marcellocM Offline
            marcelloc
            last edited by

            usabug, can you try with pfsense 32 bits?

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • U Offline
              usabug
              last edited by

              @marcelloc:

              usabug, can you try with pfsense 32 bits?

              Dear Marcelloc ,

              I can try but if i use 32 bit operating system then i can only use only 4GB ram .

              The server right now has onboard 16G ram .

              If i use the 32 bit operating system i have to install a kernel with Physical address extension , witch these solution is not an option cause it makes too much crushes .

              But if you want me to do it just for test , i can do it

              1 Reply Last reply Reply Quote 0
              • O Offline
                Oliver_
                last edited by

                First i want to thank you guys for your work  @ Eduardo Gonçalves & marcelloc

                How can we help you with your work? Tomorrow my Testing-System should be running again and i have a little time for testing!

                1 Reply Last reply Reply Quote 0
                • marcellocM Offline
                  marcelloc
                  last edited by

                  @Oliver_:

                  How can we help you with your work?

                  The problem is that c-icap is crashing when called by squid. you can check it on squid logs.

                  Treinamentos de Elite: http://sys-squad.com

                  Help a community developer! ;D

                  1 Reply Last reply Reply Quote 0
                  • belleraB Offline
                    bellera
                    last edited by

                    Working with squid3-devel in non-transparent mode, in transparent mode for http but when I activated transparent mode for https doesn't work.

                    Here is my /var/log/system.log

                    Mar 13 20:47:24 fw2 php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Mar 13 20:47:24 fw2 php: /pkg_edit.php: Reloading Squid for configuration sync
Mar 13 20:47:24 fw2 check_reload_status: Reloading filter
Mar 13 20:47:25 fw2 check_reload_status: Syncing firewall
Mar 13 20:47:25 fw2 php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Mar 13 20:47:25 fw2 php: /pkg_edit.php: Reloading Squid for configuration sync
Mar 13 20:47:25 fw2 squid: Bungled /usr/pbi/squid-i386/etc/squid/squid.conf line 6: https_port 127.0.0.1:3129 intercept 
Mar 13 20:47:25 fw2 php: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k reconfigure -f /usr/pbi/squid-i386/etc/squid/squid.conf' returned exit code '1', the output was '2014/03/13 20:47:25| FATAL: tproxy/intercept on https_port requires ssl-bump which is missing. FATAL: Bungled /usr/pbi/squid-i386/etc/squid/squid.conf line 6: https_port 127.0.0.1:3129 intercept Squid Cache (Version 3.3.10): Terminated abnormally. CPU Usage: 0.008 seconds = 0.008 user + 0.000 sys Maximum Resident Size: 28544 KB Page faults with physical i/o: 0'

                    Similar problem and clamav is not yet activated. I'm implementing squid3-devel step-by-step…

                    I tried stop/start squid and same result.

                    FATAL: tproxy/intercept on https_port requires ssl-bump which is missing. FATAL: Bungled /usr/pbi/squid-i386/etc/squid/squid.conf line 6: https_port 127.0.0.1:3129 intercept Squid Cache (Version 3.3.10): Terminated abnormally.

                    1 Reply Last reply Reply Quote 0
                    • belleraB Offline
                      bellera
                      last edited by

                      My system is 32 bit…

                      Differences in squid.conf when applying for transparent SSL mode:

                      diff squid.conf_transparent.txt squid.conf_transparent_ssl.txt 
4,5c4,6
< http_port 192.168.1.1:3128
< http_port 127.0.0.1:3128 intercept
---
> http_port 192.168.1.1:3128 
> http_port 127.0.0.1:3128 intercept 
> https_port 127.0.0.1:3129 intercept 
87a89,90
> always_direct allow all
> ssl_bump server-first all
                      1 Reply Last reply Reply Quote 0
                      • belleraB Offline
                        bellera
                        last edited by

                        Working, but…

                        Must I create my own CA?

                        Can I use an "official" CA or not?

                        diff squid.conf_transparent_ssl.txt squid.conf_transparent_ssl_myself.txt 
4,6c4,9
< http_port 192.168.1.1:3128 
< http_port 127.0.0.1:3128 intercept 
< https_port 127.0.0.1:3129 intercept 
---
> http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/
> 
> http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/
> 
> https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/
> 
18a22,25
> sslcrtd_program /usr/pbi/squid-i386/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048
> sslcrtd_children 5
> sslproxy_capath /usr/pbi/squid-i386/share/certs/
> sslproxy_cert_adapt setCommonName all

                        I will like not do do this:

                        Install the CA crt as an trusted ca on each computer you want to filter ssl to avoid ssl error on each connection.

                        Could be, in fact, impossible. A lot of BYOD (http://en.wikipedia.org/wiki/Bring_your_own_device)…

                        1 Reply Last reply Reply Quote 0
                        • O Offline
                          Oliver_
                          last edited by

                          Yes you must create your own ca! I think it is not possible to use an "official" CA, because you are using a Man-In-The-Middle Attack to fetch and control https traffic.
                          Of course every https filter will use a MITM-attack so the client must have a trusted wildcard cert of the controling unit.

                          A Solution can be to have a non transparent SSL-Proxy and only devices that are under your control are forced to use Proxy.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.