Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] squid3-dev (3.3.10 pkg 2.2) + Clamav Antivirus won't start

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    23 Posts 6 Posters 43.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E Offline
      eduardogoncalves
      last edited by

      Hi,
      with "HTTPS/SSL interception" disabled I can start squid and everything works.

      But on reboot squid still hangs on boot "pw: no such user 'clamav", though it's running (all services start automatically)…

      
      [2.1-RELEASE][admin@pfSense.novanis.srv.br]/root(199): squid -NsXY
      2014/03/07 10:47:10.008| debug.cc(424) parseOptions: command-line -X overrides: ALL,7
      2014/03/07 10:47:10.008| cache_manager.cc(102) registerProfile: registering legacy mem
      2014/03/07 10:47:10.008| cache_manager.cc(87) registerProfile: registered profile: mem
      2014/03/07 10:47:10.008| cache_manager.cc(102) registerProfile: registering legacy squidaio_counts
      2014/03/07 10:47:10.008| cache_manager.cc(87) registerProfile: registered profile: squidaio_counts
      2014/03/07 10:47:10.008| cache_manager.cc(87) registerProfile: registered profile: diskd
      2014/03/07 10:47:10.008| rock/RockStoreFileSystem.cc(44) setup: Will use Rock FS
      2014/03/07 10:47:10.008| Startup: Initializing Authentication Schemes ...
      2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'basic'
      2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'digest'
      2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'negotiate'
      2014/03/07 10:47:10.008| Startup: Initialized Authentication Scheme 'ntlm'
      2014/03/07 10:47:10.008| Startup: Initialized Authentication.
      2014/03/07 10:47:10.008| tools.cc(69) ProbeTransport: Detected IPv6 hybrid or v4-mapping stack...
      2014/03/07 10:47:10.008| tools.cc(83) ProbeTransport: IPv6 transport Enabled
      2014/03/07 10:47:10.008| Config.cc(39) registerTokens:  register format tokens for 'adapt'
      2014/03/07 10:47:10.008| Config.cc(39) registerTokens:  register format tokens for 'icap'
      2014/03/07 10:47:10.009| Config.cc(39) registerTokens:  register format tokens for 'ssl'
      2014/03/07 10:47:10.009| cache_cf.cc(609) parseConfigFile:
      2014/03/07 10:47:10.009| cf_parser.cci(3203) free_all:
      2014/03/07 10:47:10.009| Gadgets.cc(245) aclDestroyAcls: aclDestroyACLs: invoked
      2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
      2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certHasExpired'
      2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certHasExpired'
      2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b074d0
      2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
      2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certNotYetValid'
      2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certNotYetValid'
      2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b074f0
      2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
      2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certDomainMismatch'
      2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certDomainMismatch'
      2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07510
      2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
      2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certUntrusted'
      2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.009| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certUntrusted'
      2014/03/07 10:47:10.009| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07530
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07550
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07570
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07590
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b075b0
      2014/03/07 10:47:10.009| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b075d0
      2014/03/07 10:47:10.009| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type ssl_error
      2014/03/07 10:47:10.009| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.009| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certSelfSigned'
      2014/03/07 10:47:10.009| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'ssl::certSelfSigned'
      2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'ssl_error'
      2014/03/07 10:47:10.010| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b075f0
      2014/03/07 10:47:10.010| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
      2014/03/07 10:47:10.010| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.010| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.010| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'all'
      2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
      2014/03/07 10:47:10.010| Ip.cc(260) FactoryParse: aclIpParseIpData: all
      2014/03/07 10:47:10.010| Ip.cc(264) FactoryParse: aclIpParseIpData: magic 'all' found.
      2014/03/07 10:47:10.010| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type url_regex
      2014/03/07 10:47:10.010| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.010| Acl.cc(61) FindByName: ACL::FindByName 'manager'
      2014/03/07 10:47:10.010| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'manager'
      2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'url_regex'
      2014/03/07 10:47:10.010| RegexData.cc(323) aclParseRegexList: aclParseRegexList: new Regex line or file
      2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '-i'
      2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '^cache_object://'
      2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '+i'
      2014/03/07 10:47:10.010| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '^https?://[^/]+/squid-internal-mgr/'
      2014/03/07 10:47:10.010| RegexData.cc(214) compileOptimisedREs: compileOptimisedREs: -i
      2014/03/07 10:47:10.010| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE '^cache_object://'
      2014/03/07 10:47:10.010| RegexData.cc(228) compileOptimisedREs: compileOptimisedREs: +i
      2014/03/07 10:47:10.010| RegexData.cc(173) compileRE: compileRE: compiled '(^cache_object://)' with flags 7
      2014/03/07 10:47:10.010| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE '^https?://[^/]+/squid-internal-mgr/'
      2014/03/07 10:47:10.010| RegexData.cc(173) compileRE: compileRE: compiled '(^https?://[^/]+/squid-internal-mgr/)' with flags 5
      2014/03/07 10:47:10.010| RegexData.cc(281) compileOptimisedREs: compileOptimisedREs: 2 REs are optimised into one RE.
      2014/03/07 10:47:10.010| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
      2014/03/07 10:47:10.010| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.010| Acl.cc(61) FindByName: ACL::FindByName 'localhost'
      2014/03/07 10:47:10.010| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.010| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'localhost'
      2014/03/07 10:47:10.010| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
      2014/03/07 10:47:10.010| Ip.cc(260) FactoryParse: aclIpParseIpData: 127.0.0.1/32
      2014/03/07 10:47:10.010| Ip.cc(368) FactoryParse: aclIpParseIpData: '127.0.0.1/32' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
      2014/03/07 10:47:10.011| Ip.cc(500) FactoryParse: Parsed: 127.0.0.1-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff](/128)
      2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: ::1
      2014/03/07 10:47:10.011| Ip.cc(405) FactoryParse: aclIpParseIpData: Lookup Host/IP ::1
      2014/03/07 10:47:10.011| Ip.cc(439) FactoryParse: aclIpParseIpData: Located host/IP: '[::1]'
      2014/03/07 10:47:10.011| Ip.cc(446) FactoryParse: ::1 --> [::1]
      2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
      2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
      2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 127.0.0.1/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] (127.0.0.1)  vs [::1]-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
      2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: [::1]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] ([::1])  vs 127.0.0.1-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
      2014/03/07 10:47:10.011| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type dst
      2014/03/07 10:47:10.011| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.011| Acl.cc(61) FindByName: ACL::FindByName 'to_localhost'
      2014/03/07 10:47:10.011| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.011| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'to_localhost'
      2014/03/07 10:47:10.011| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'dst'
      2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: 127.0.0.0/8
      2014/03/07 10:47:10.011| Ip.cc(368) FactoryParse: aclIpParseIpData: '127.0.0.0/8' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
      2014/03/07 10:47:10.011| Ip.cc(500) FactoryParse: Parsed: 127.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ff00:0](/104)
      2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: 0.0.0.0/32
      2014/03/07 10:47:10.011| Ip.cc(368) FactoryParse: aclIpParseIpData: '0.0.0.0/32' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
      2014/03/07 10:47:10.011| Ip.cc(500) FactoryParse: Parsed: 0.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff](/128)
      2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 127.0.0.0/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] (127.0.0.0)  vs 0.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
      2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 0.0.0.0/[ffff:ffff:ffff:ffff:ffff:ffff:ff00:0] (0.0.0.0)  vs 127.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ff00:0]
      2014/03/07 10:47:10.011| Ip.cc(260) FactoryParse: aclIpParseIpData: ::1
      2014/03/07 10:47:10.011| Ip.cc(405) FactoryParse: aclIpParseIpData: Lookup Host/IP ::1
      2014/03/07 10:47:10.011| Ip.cc(439) FactoryParse: aclIpParseIpData: Located host/IP: '[::1]'
      2014/03/07 10:47:10.011| Ip.cc(446) FactoryParse: ::1 --> [::1]
      2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
      2014/03/07 10:47:10.011| Ip.cc(432) FactoryParse: aclIpParseIpData: Duplicate host/IP: '[::1]' dropped.
      2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 0.0.0.0/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] (0.0.0.0)  vs [::1]-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
      2014/03/07 10:47:10.011| Ip.cc(134) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: [::1]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] ([::1])  vs 0.0.0.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]
      2014/03/07 10:47:10.011| Processing Configuration File: /usr/pbi/squid-i386/etc/squid/squid.conf (depth 0)
      2014/03/07 10:47:10.012| cache_cf.cc(557) parseOneConfigFile: Processing: http_port 10.1.1.1:3128
      2014/03/07 10:47:10.012| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b66210
      2014/03/07 10:47:10.012| cache_cf.cc(3551) parsePortSpecification: http_port: Listen on Host/IP: 10.1.1.1 --> 10.1.1.1:3128
      2014/03/07 10:47:10.012| cbdata.cc(419) cbdataInternalLock: cbdataLock: 0x28b66210=1
      2014/03/07 10:47:10.012| cache_cf.cc(557) parseOneConfigFile: Processing: http_port 127.0.0.1:3128 intercept
      2014/03/07 10:47:10.012| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b66310
      2014/03/07 10:47:10.012| cache_cf.cc(3551) parsePortSpecification: http_port: Listen on Host/IP: 127.0.0.1 --> 127.0.0.1:3128
      2014/03/07 10:47:10.012| Starting Authentication on port 127.0.0.1:3128
      2014/03/07 10:47:10.012| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
      2014/03/07 10:47:10.012| Disabling IPv6 on port 127.0.0.1:3128 (interception enabled)
      2014/03/07 10:47:10.013| cbdata.cc(419) cbdataInternalLock: cbdataLock: 0x28b66310=1
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: icp_port 7
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: dns_v4_first off
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: pid_filename /var/run/squid.pid
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_effective_user proxy
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_effective_group proxy
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: error_default_language en
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: icon_directory /usr/pbi/squid-i386/etc/squid/icons
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: visible_hostname localhost
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_mgr admin@localhost
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: access_log /dev/null
      2014/03/07 10:47:10.013| cache_cf.cc(4042) parse_access_log: Log definition name 'squid' file '/dev/null'
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_log /var/squid/logs/cache.log
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: cache_store_log none
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: logfile_rotate 0
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: shutdown_lifetime 3 seconds
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: acl localnet src  10.1.1.0/24
      2014/03/07 10:47:10.013| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
      2014/03/07 10:47:10.013| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.013| Acl.cc(61) FindByName: ACL::FindByName 'localnet'
      2014/03/07 10:47:10.013| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.013| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'localnet'
      2014/03/07 10:47:10.013| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
      2014/03/07 10:47:10.013| Ip.cc(260) FactoryParse: aclIpParseIpData: 10.1.1.0/24
      2014/03/07 10:47:10.013| Ip.cc(368) FactoryParse: aclIpParseIpData: '10.1.1.0/24' matched: SCAN3-v4: %[0123456789.]/%[0123456789.]
      2014/03/07 10:47:10.013| Ip.cc(500) FactoryParse: Parsed: 10.1.1.0-[::]/[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00](/120)
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: uri_whitespace strip
      2014/03/07 10:47:10.013| cache_cf.cc(557) parseOneConfigFile: Processing: acl dynamic urlpath_regex cgi-bin \?
      2014/03/07 10:47:10.013| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type urlpath_regex
      2014/03/07 10:47:10.013| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.013| Acl.cc(61) FindByName: ACL::FindByName 'dynamic'
      2014/03/07 10:47:10.014| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.014| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'dynamic'
      2014/03/07 10:47:10.014| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'urlpath_regex'
      2014/03/07 10:47:10.014| RegexData.cc(323) aclParseRegexList: aclParseRegexList: new Regex line or file
      2014/03/07 10:47:10.014| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE 'cgi-bin'
      2014/03/07 10:47:10.014| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '\?'
      2014/03/07 10:47:10.014| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE 'cgi-bin'
      2014/03/07 10:47:10.014| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE '\?'
      2014/03/07 10:47:10.014| RegexData.cc(173) compileRE: compileRE: compiled '(cgi-bin)|(\?)' with flags 5
      2014/03/07 10:47:10.014| RegexData.cc(281) compileOptimisedREs: compileOptimisedREs: 2 REs are optimised into one RE.
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache deny dynamic
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64440
      2014/03/07 10:47:10.014| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'dynamic'
      2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'dynamic'
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache_mem 8 MB
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: maximum_object_size_in_memory 32 KB
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: memory_replacement_policy heap GDSF
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache_replacement_policy heap LFUDA
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: minimum_object_size 0 KB
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: maximum_object_size 10 KB
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: offline_mode off
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: cache allow all
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b644a0
      2014/03/07 10:47:10.014| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
      2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: acl allsrc src all
      2014/03/07 10:47:10.014| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type src
      2014/03/07 10:47:10.014| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'allsrc'
      2014/03/07 10:47:10.014| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.014| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'allsrc'
      2014/03/07 10:47:10.014| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'src'
      2014/03/07 10:47:10.014| Ip.cc(260) FactoryParse: aclIpParseIpData: all
      2014/03/07 10:47:10.014| Ip.cc(264) FactoryParse: aclIpParseIpData: magic 'all' found.
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3127 1025-65535
      2014/03/07 10:47:10.014| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type port
      2014/03/07 10:47:10.014| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.014| Acl.cc(61) FindByName: ACL::FindByName 'safeports'
      2014/03/07 10:47:10.014| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.014| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'safeports'
      2014/03/07 10:47:10.014| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'port'
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b077b0
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07830
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07850
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07870
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07890
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b078b0
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b078d0
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b078f0
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07910
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07930
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07950
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07970
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07990
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b079b0
      2014/03/07 10:47:10.014| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b079d0
      2014/03/07 10:47:10.014| cache_cf.cc(557) parseOneConfigFile: Processing: acl sslports port 443 563
      2014/03/07 10:47:10.014| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type port
      2014/03/07 10:47:10.014| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'sslports'
      2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'sslports'
      2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'port'
      2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07a30
      2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07a50
      2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl purge method PURGE
      2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type method
      2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'purge'
      2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'purge'
      2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'method'
      2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64530
      2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl connect method CONNECT
      2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type method
      2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'connect'
      2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'connect'
      2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'method'
      2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64560
      2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl HTTP proto HTTP
      2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type proto
      2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'HTTP'
      2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'HTTP'
      2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'proto'
      2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07b10
      2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl HTTPS proto HTTPS
      2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type proto
      2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'HTTPS'
      2014/03/07 10:47:10.015| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.015| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'HTTPS'
      2014/03/07 10:47:10.015| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'proto'
      2014/03/07 10:47:10.015| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b07b50
      2014/03/07 10:47:10.015| cache_cf.cc(557) parseOneConfigFile: Processing: acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
      2014/03/07 10:47:10.015| Acl.cc(400) Registered: ACL::Prototype::Registered: invoked for type dstdom_regex
      2014/03/07 10:47:10.015| Acl.cc(404) Registered: ACL::Prototype::Registered:    yes
      2014/03/07 10:47:10.015| Acl.cc(61) FindByName: ACL::FindByName 'blacklist'
      2014/03/07 10:47:10.016| Acl.cc(67) FindByName: ACL::FindByName found no match
      2014/03/07 10:47:10.016| Acl.cc(161) ParseAclLine: aclParseAclLine: Creating ACL 'blacklist'
      2014/03/07 10:47:10.016| Acl.cc(436) Factory: ACL::Prototype::Factory: cloning an object for type 'dstdom_regex'
      2014/03/07 10:47:10.016| RegexData.cc(323) aclParseRegexList: aclParseRegexList: new Regex line or file
      2014/03/07 10:47:10.016| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE '-i'
      2014/03/07 10:47:10.016| RegexData.cc(331) aclParseRegexList: aclParseRegexList: buffering RE 'facebook.com'
      2014/03/07 10:47:10.016| RegexData.cc(214) compileOptimisedREs: compileOptimisedREs: -i
      2014/03/07 10:47:10.016| RegexData.cc(238) compileOptimisedREs: compileOptimisedREs: adding RE 'facebook.com'
      2014/03/07 10:47:10.016| RegexData.cc(173) compileRE: compileRE: compiled '(facebook.com)' with flags 7
      2014/03/07 10:47:10.016| RegexData.cc(281) compileOptimisedREs: compileOptimisedREs: 1 REs are optimised into one RE.
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access allow manager localhost
      2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64590
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'manager'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'manager'
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'localhost'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'localhost'
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny manager
      2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64500
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'manager'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'manager'
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access allow purge localhost
      2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64620
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'purge'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'purge'
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'localhost'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'localhost'
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny purge
      2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b645f0
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'purge'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'purge'
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny !safeports
      2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64680
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'safeports'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'safeports'
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny CONNECT !sslports
      2014/03/07 10:47:10.016| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b646e0
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'CONNECT'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'CONNECT'
      2014/03/07 10:47:10.016| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'sslports'
      2014/03/07 10:47:10.016| Acl.cc(61) FindByName: ACL::FindByName 'sslports'
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: request_body_max_size 0 KB
      2014/03/07 10:47:10.016| cache_cf.cc(557) parseOneConfigFile: Processing: delay_pools 1
      2014/03/07 10:47:10.017| event.cc(346) schedule: schedule: Adding 'DelayPools::Update', in 1.00 seconds
      2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_class 1 2
      2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_parameters 1 -1/-1 -1/-1
      2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_initial_bucket_level 100
      2014/03/07 10:47:10.017| cache_cf.cc(557) parseOneConfigFile: Processing: delay_access 1 allow allsrc
      2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b646b0
      2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'allsrc'
      2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'allsrc'
      2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny blacklist
      2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64740
      2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'blacklist'
      2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'blacklist'
      2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: http_access allow localnet
      2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64770
      2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'localnet'
      2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'localnet'
      2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: http_access deny allsrc
      2014/03/07 10:47:10.018| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b647a0
      2014/03/07 10:47:10.018| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'allsrc'
      2014/03/07 10:47:10.018| Acl.cc(61) FindByName: ACL::FindByName 'allsrc'
      2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: icap_enable on
      2014/03/07 10:47:10.018| cache_cf.cc(557) parseOneConfigFile: Processing: icap_send_client_ip on
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_send_client_username on
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_client_username_encode off
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_client_username_header X-Authenticated-User
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_preview_enable on
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_preview_size 1024
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
      2014/03/07 10:47:10.019| ServiceConfig.cc(174) grokUri: /usr/pbi/squid-i386/etc/squid/squid.conf:103: service protocol is icap
      2014/03/07 10:47:10.019| ServiceConfig.cc(148) parse: /usr/pbi/squid-i386/etc/squid/squid.conf:103: adaptation_service service_req REQMOD_PRECACHE 00 icap://127.0.0.1:1344/squidclamav
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
      2014/03/07 10:47:10.019| ServiceConfig.cc(174) grokUri: /usr/pbi/squid-i386/etc/squid/squid.conf:104: service protocol is icap
      2014/03/07 10:47:10.019| ServiceConfig.cc(148) parse: /usr/pbi/squid-i386/etc/squid/squid.conf:104: adaptation_service service_resp RESPMOD_PRECACHE 00 icap://127.0.0.1:1344/squidclamav
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: adaptation_access service_req allow all
      2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64a10
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.019| cache_cf.cc(557) parseOneConfigFile: Processing: adaptation_access service_resp allow all
      2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64aa0
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b649b0
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.019| wccp2.cc(533) wccp2_add_service_list: wccp2_add_service_list: added service id 0
      2014/03/07 10:47:10.019| cbdata.cc(324) cbdataInternalAlloc: cbdataAlloc: 0x28b64b00
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'ssl::certUntrusted'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certUntrusted'
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'ssl::certSelfSigned'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'ssl::certSelfSigned'
      2014/03/07 10:47:10.019| Gadgets.cc(220) aclParseAclList: aclParseAclList: looking for ACL name 'all'
      2014/03/07 10:47:10.019| Acl.cc(61) FindByName: ACL::FindByName 'all'
      2014/03/07 10:47:10.020| tools.cc(585) uniqueHostname:  Config: '
      2014/03/07 10:47:10.020| tools.cc(585) uniqueHostname:  Config: '
      2014/03/07 10:47:10.020| Initializing https proxy context
      2014/03/07 10:47:10.021| support.cc(1000) sslCreateClientContext: Using SSLv2/SSLv3.
      2014/03/07 10:47:10.021| support.cc(1052) sslCreateClientContext: Setting RSA key generation callback.
      2014/03/07 10:47:10.021| support.cc(1059) sslCreateClientContext: Setting certificate verification callback.
      2014/03/07 10:47:10.021| support.cc(1063) sslCreateClientContext: Setting CA certificate locations.
      2014/03/07 10:47:10.021| tools.cc(597) leave_suid: leave_suid: PID 5747 called
      2014/03/07 10:47:10.021| tools.cc(619) leave_suid: leave_suid: PID 5747 giving up root, becoming 'proxy'
      2014/03/07 10:47:10.021| debug.cc(424) parseOptions: command-line -X overrides: ALL,1
      
      
      1 Reply Last reply Reply Quote 0
      • E Offline
        exograpix
        last edited by

        Neither squidguard nor antivirus start at the start up, I have to login and manually save squid setting, than voila it works, please see my log of startup and after I click save in squid.

        error1.txt

        1 Reply Last reply Reply Quote 0
        • U Offline
          usabug
          last edited by

          Can anyone please inform me why when i enable the antivirus then i cannot serf the web ?

          The following error appears :

          ==========quote============

          ERROR in the browser
          The following error was encountered while trying to retrieve the URL:
          http://google.com
              ICAP protocol error.

          The system returned: [No Error]

          This means that some aspect of the ICAP communication failed.

          Some possible problems are:

          *

          The ICAP server is not reachable.
              *

          An Illegal response was received from the ICAP server.

          ==================unquote =====================

          If i run the client to the console

          /usr/local/bin/c-icap-client
          ICAP server:localhost, ip:127.0.0.1, port:1344

          OPTIONS:
                  Allow 204: Yes
                  Preview: 1024
                  Keep alive: Yes

          ICAP HEADERS:
                  ICAP/1.0 200 OK:
                  Methods:RESPMOD, REQMOD
                  Service:C-ICAP/0.2.5 server - Echo demo service
                  ISTag:CI0001-XXXXXXXXX
                  Transfer-Preview:*
                  Options-TTL:3600
                  Date:Tue, 11 Mar 2014 13:54:59 GMT
                  Preview:1024
                  Allow:204
                  X-Include:X-Authenticated-User, X-Authenticated-Groups
                  Encapsulated:null-body=0

          and all the services seems that are running .

          I look forward for your responses .

          1 Reply Last reply Reply Quote 0
          • marcellocM Offline
            marcelloc
            last edited by

            usabug, can you try with pfsense 32 bits?

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • U Offline
              usabug
              last edited by

              @marcelloc:

              usabug, can you try with pfsense 32 bits?

              Dear Marcelloc ,

              I can try but if i use 32 bit operating system then i can only use only 4GB ram .

              The server right now has onboard 16G ram .

              If i use the 32 bit operating system i have to install a kernel with Physical address extension , witch these solution is not an option cause it makes too much crushes .

              But if you want me to do it just for test , i can do it

              1 Reply Last reply Reply Quote 0
              • O Offline
                Oliver_
                last edited by

                First i want to thank you guys for your work  @ Eduardo Gonçalves & marcelloc

                How can we help you with your work? Tomorrow my Testing-System should be running again and i have a little time for testing!

                1 Reply Last reply Reply Quote 0
                • marcellocM Offline
                  marcelloc
                  last edited by

                  @Oliver_:

                  How can we help you with your work?

                  The problem is that c-icap is crashing when called by squid. you can check it on squid logs.

                  Treinamentos de Elite: http://sys-squad.com

                  Help a community developer! ;D

                  1 Reply Last reply Reply Quote 0
                  • belleraB Offline
                    bellera
                    last edited by

                    Working with squid3-devel in non-transparent mode, in transparent mode for http but when I activated transparent mode for https doesn't work.

                    Here is my /var/log/system.log

                    Mar 13 20:47:24 fw2 php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
                    Mar 13 20:47:24 fw2 php: /pkg_edit.php: Reloading Squid for configuration sync
                    Mar 13 20:47:24 fw2 check_reload_status: Reloading filter
                    Mar 13 20:47:25 fw2 check_reload_status: Syncing firewall
                    Mar 13 20:47:25 fw2 php: /pkg_edit.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
                    Mar 13 20:47:25 fw2 php: /pkg_edit.php: Reloading Squid for configuration sync
                    Mar 13 20:47:25 fw2 squid: Bungled /usr/pbi/squid-i386/etc/squid/squid.conf line 6: https_port 127.0.0.1:3129 intercept 
                    Mar 13 20:47:25 fw2 php: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k reconfigure -f /usr/pbi/squid-i386/etc/squid/squid.conf' returned exit code '1', the output was '2014/03/13 20:47:25| FATAL: tproxy/intercept on https_port requires ssl-bump which is missing. FATAL: Bungled /usr/pbi/squid-i386/etc/squid/squid.conf line 6: https_port 127.0.0.1:3129 intercept Squid Cache (Version 3.3.10): Terminated abnormally. CPU Usage: 0.008 seconds = 0.008 user + 0.000 sys Maximum Resident Size: 28544 KB Page faults with physical i/o: 0'
                    

                    Similar problem and clamav is not yet activated. I'm implementing squid3-devel step-by-step…

                    I tried stop/start squid and same result.

                    FATAL: tproxy/intercept on https_port requires ssl-bump which is missing. FATAL: Bungled /usr/pbi/squid-i386/etc/squid/squid.conf line 6: https_port 127.0.0.1:3129 intercept Squid Cache (Version 3.3.10): Terminated abnormally.

                    1 Reply Last reply Reply Quote 0
                    • belleraB Offline
                      bellera
                      last edited by

                      My system is 32 bit…

                      Differences in squid.conf when applying for transparent SSL mode:

                      diff squid.conf_transparent.txt squid.conf_transparent_ssl.txt 
                      4,5c4,6
                      < http_port 192.168.1.1:3128
                      < http_port 127.0.0.1:3128 intercept
                      ---
                      > http_port 192.168.1.1:3128 
                      > http_port 127.0.0.1:3128 intercept 
                      > https_port 127.0.0.1:3129 intercept 
                      87a89,90
                      > always_direct allow all
                      > ssl_bump server-first all
                      
                      1 Reply Last reply Reply Quote 0
                      • belleraB Offline
                        bellera
                        last edited by

                        Working, but…

                        Must I create my own CA?

                        Can I use an "official" CA or not?

                        diff squid.conf_transparent_ssl.txt squid.conf_transparent_ssl_myself.txt 
                        4,6c4,9
                        < http_port 192.168.1.1:3128 
                        < http_port 127.0.0.1:3128 intercept 
                        < https_port 127.0.0.1:3129 intercept 
                        ---
                        > http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/
                        > 
                        > http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/
                        > 
                        > https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/
                        > 
                        18a22,25
                        > sslcrtd_program /usr/pbi/squid-i386/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048
                        > sslcrtd_children 5
                        > sslproxy_capath /usr/pbi/squid-i386/share/certs/
                        > sslproxy_cert_adapt setCommonName all
                        

                        I will like not do do this:

                        Install the CA crt as an trusted ca on each computer you want to filter ssl to avoid ssl error on each connection.

                        Could be, in fact, impossible. A lot of BYOD (http://en.wikipedia.org/wiki/Bring_your_own_device)…

                        1 Reply Last reply Reply Quote 0
                        • O Offline
                          Oliver_
                          last edited by

                          Yes you must create your own ca! I think it is not possible to use an "official" CA, because you are using a Man-In-The-Middle Attack to fetch and control https traffic.
                          Of course every https filter will use a MITM-attack so the client must have a trusted wildcard cert of the controling unit.

                          A Solution can be to have a non transparent SSL-Proxy and only devices that are under your control are forced to use Proxy.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.