Squid moaning about /tmp/rules.test.packages syntax error under pfSense 2.2
-
Ah, OK, I understand. I'm just checking LAN.
Steve
-
I've also reverted back to using a ram disk /var and no improvement. I figure this must be a configuration issue, but it worked fine with 2.1.5.
Steve
-
Is the above working in transparent mode? That's where I'm seeing issues.
Yes. But I'm not testing nano or cf images.
-
Still a problem
1. I have created a cert.
2. Installed squid and icap, updated.
3. But after installing getting "icap protocol error" not able to open any page
4. Activated transparent proxy and ssl filtering.Please help
If you do not stop squid and icap after first freshclam, it will show icap error.
-
Got it working, although not a fresh install..an upgrade. To add to below (if you're doing an upgrade install from 2.1.5) There was a reference left over to HAVP under "Proxy Server" General settings tab, Integrations. I removed all the text present in Integrations box, and then reinstalled Squidguard-dev. Works great now.
Did a fresh install and all is working together …
Steps I did
-
fresh 2.2 install
-
Install squid3
-
changed package signature option on system advanced.
-
Installed squidguard-devel
-
chech squid tabs, save, fix config options pointed by gui alerts
-
On antivirus tab, save config twice as first time it will load sample files and second check config options.
-
via console wait (repeating ps ax | grep -i fresclam or tail -f /var/log/clamav/freshclam.log) clamav database first slow update
-
enable transparent mode(do not select loopback on any squid option)
-
stop and start squid via gui to force c-icap to restart too after first freshclam.
-
install shalla blacklist on squidguard
-
apply squidguard changes
I can see both clamav and squidguard denied page for virus(tested with eicar) and blocked sites.
my tmp rules.debug file shows both intercept rules
rdr on em1 proto tcp from any to !(em1) port 80 -> 127.0.0.1 port 3128 pass in quick on em1 proto tcp from any to !(em1) port {80,3128} flags S/SA keep state -
-
There was a reference left over to HAVP under "Proxy Server" General settings tab, Integrations.
That's step 5Â :)
- chech squid tabs, save, fix config options pointed by gui alerts
-
What config option we should correct, please post details. yet to get squid3 and squidguard working, sometime it works and on the restart squidguard stop working.
-
There is nothing to correct but you need to check your config.
Old package integration as mentioned above is an example.
Setting transparent mode without selecting an interface to intercept is another.Squidguard as you can see in many threads is called on demand by squid, so sometimes you will see it stopped.
-
Just looking for a bit of clarity before I start updating firewalls. The steps say install squid3 and squidguard-devel however the description for squidguard-devel says "Requires proxy Squid 2.x package." Is this just a case of an outdated description or am I missing something?
-
Locking this thread as the original issue is resolved; it was caused by me not associating any interfaces and leaving transparent mode enabled.
Transparent mode isn't working on i386 and marcelloc has confirmed this is due to a build configuration issue which will be resolved shortly.
Steve
