Transparent proxy not working after upgrade to 2.2
-
Here is mine
# Do not edit manually ! http_port 192.168.1.254:3128 http_port 127.0.0.1:3128 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/pbi/squid-i386/etc/squid/errors/English icon_directory /usr/pbi/squid-i386/etc/squid/icons visible_hostname fw1.home cache_mgr tielens.t@gmail.com access_log /var/squid/logs/access.log cache_log /var/squid/logs/cache.log cache_store_log none logfile_rotate 7 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 192.168.1.0/255.255.255.0 uri_whitespace strip cache_mem 10 MB maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir diskd /var/squid/cache 500 16 256 minimum_object_size 0 KB maximum_object_size 5 KB offline_mode off cache_swap_low 90 cache_swap_high 95 # No redirector configured squid.conf...skipping... # Do not edit manually ! http_port 192.168.1.254:3128 http_port 127.0.0.1:3128 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/pbi/squid-i386/etc/squid/errors/English icon_directory /usr/pbi/squid-i386/etc/squid/icons visible_hostname fw1.home cache_mgr TieT access_log /var/squid/logs/access.log cache_log /var/squid/logs/cache.log cache_store_log none logfile_rotate 7 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 192.168.1.0/255.255.255.0 uri_whitespace strip cache_mem 10 MB maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir diskd /var/squid/cache 500 16 256 minimum_object_size 0 KB maximum_object_size 5 KB offline_mode off cache_swap_low 90 cache_swap_high 95 # No redirector configured # Setup some default acls acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535 acl sslports port 443 563 acl manager proto cache_object acl purge method PURGE -
Just to be sure, Are you selecting interfaces on squid general tab?
I'm asking because other users had this "issue".
-
Just to be sure, Are you selecting interfaces on squid general tab?
I'm asking because other users had this "issue".
yeah I had that issue as well after upgrading the other day but I fixed it soon after
-
I tried to load a config.xml that looks as much as possible like a fresh installation and also did a checksum of all files and compared them but I don't think there was anything wrong with them
the only clue I have is the CLOSED:SYN_SENT state but it's not much
-
That means, you have send a sync request but no one answers (connection is closed)
Did you set a virtual IP on the WAN or LAN ?
-
That means, you have send a sync request but no one answers (connection is closed)
Did you set a virtual IP on the WAN or LAN ?
no
-
I have this issue as well.
Foud this in the log:
php-fpm[83033]: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k shutdown' returned exit code '1', the output was 'Shared object "libz.so.5" not found, required by "libmd5.so.1"' -
Foud this in the log:
php-fpm[83033]: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k shutdown' returned exit code '1', the output was 'Shared object "libz.so.5" not found, required by "libmd5.so.1"'Is this setup a migration from 2.1 or any 2.2RC version?
Not getting it on amd64. :-\
-
Foud this in the log:
php-fpm[83033]: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k shutdown' returned exit code '1', the output was 'Shared object "libz.so.5" not found, required by "libmd5.so.1"'That thing gets removed. https://github.com/pfsense/pfsense/blob/master/etc/pfSense.obsoletedfiles
$ ls -l /usr/lib/libz.so* lrwxr-xr-x 1 root wheel 14 Jan 24 06:00 /usr/lib/libz.so -> /lib/libz.so.5 $ ls -l /lib/libz.so.5 ls: /lib/libz.so.5: No such file or directory $ ls -l /lib/libz.so.6 -r--r--r-- 1 root wheel 79180 Jan 22 22:07 /lib/libz.so.6This clearly is not done properly on FULL installs, as seen from the dangling dead symlinks.
Cf. that with nanobsd:
$ ls -l /usr/lib/libz.so* lrwxr-xr-x 1 root wheel 14 Jan 22 22:07 /usr/lib/libz.so -> /lib/libz.so.6 $ ls -l /lib/libz.so.6 -r--r--r-- 1 root wheel 79180 Jan 22 22:07 /lib/libz.so.6Is this setup a migration from 2.1 or any 2.2RC version?
Not getting it on amd64. :-\Apparently an upgrade process bug on full installs, rendering the updated library pretty much useless as it cannot be found. Just a few examples:
/usr/lib/libcrypto.so -> /lib/libcrypto.so.6 $ ls -l /lib/libcrypto.so.6 ls: /lib/libcrypto.so.6: No such file or directory /usr/lib/libmd.so -> /lib/libmd.so.5 $ ls -l /lib/libmd.so.5 ls: /lib/libmd.so.5: No such file or directory $ ls -l /usr/lib/libusb.so* lrwxr-xr-x 1 root wheel 11 Jan 24 06:00 /usr/lib/libusb.so -> libusb.so.2 -r--r--r-- 1 root wheel 65068 Jan 22 22:07 /usr/lib/libusb.so.3 /usr/lib/libufs.so -> /lib/libufs.so.5 $ ls -l /lib/libufs.so.5 ls: /lib/libufs.so.5: No such file or directoryBadly, badly broken. >:( => https://redmine.pfsense.org/issues/4328
-
I think this can be resolved by creating a link between those libs.
and restarting squid.ln -s /lib/libz.so.5 /usr/lib/libz.so.6(if the file is in /lib of course)
You can do a search to make suresu find / -name libz.so.*I had the same problem with squid and snort a while back
let me know what happens ;) -
I think this can be resolved by creating a link between those libs.
and restarting squid.ln /lib/libz.so.6 /lib/libz.so.5Uh no, this is completely wrong "fix".
-
Uh no, this is completely wrong "fix".
So you're saying it won't work untill 2.2.1 is rolled out ?
-
You are fixing the wrong thing! That .5 vs .6 actually has a meaning - the new version of the library does not have a backward-compatible ABI! If you want to fix something, then fix the dead /usr/lib/*.so symlinks so that they point to proper file. Don't create "compatibility" symlinks pretending a deliberately removed outdated ABI library is still there.
-
Renato is going to rebuild squid pbi under i386, this may fix most issues.
-
Yes you're right, but do you expect users to have a non functional box for god knows how long.
like i said, its a temp fix that works for me.
when squid is rebuild and functioning again, I will undertake the needed steps to make it point to the right libs.On the other hand, disable squid and wait for an update is also a solution…
But where is the fun in that :PAnd yes, I know the .5 - .6 has a meaning, thank you for being so condescending.
also i made a typo, it should be```
ln -s /lib/libz.so.6 /usr/lib/libz.soand i'm guessing squid points to /usr/lib/ to find the files ? -
Yes you're right, but do you expect users to have a non functional box for god knows how long.
Is this question for me? ???
-
Is this question for me? ???
No ;)
Its was an answer to doktornotor -
Hello,
for me after the 2.1.5 to 2.2 version, the captive portal not worked.
I added an new Rules in Firewall to accept 8002 port and it's works.
-
for me after the 2.1.5 to 2.2 version, the captive portal not worked.
Captive portal itself(better start a new thread) or Squid integration with captive portal?
-
Hi,
My name is fred and I am sorry if I write in your post but but I did not find how to start a discussion
I have a problem with pfsense installation script was ok but now I cannot access to the box anymore. What can I do? Is it possible to reset the box?You can write me directly fredbovyeirl@gmail.com
The in advance and sorry again
Fred
