WPAD questions and problems

MrGlasspoole

Step by step…

Forget the wpad for a while.
What i was saying is:
If i enable the firewall rule to block http and use 192.168.0.1:3128 (not wpad) in the browser then the internet stops working.
If i disable the rule then it works again and uses the proxy.

KOM

If you block 80/443 and manually set your browser to use the proxy at the specified address:port and nothing works and you're positive you didn't make a typo, your Squid install is broken. Look in your System log, as well as /var/squid/logs/access.log and cache.log.

Can you please remind me as to what version of pfSense and Squid you are using?

MrGlasspoole

Ok, found out something.
The whole time i was just using google for testing.
But this time i used another site and it's just HTTPS (google) that is not working if i enable the firewall rule.
HTTP works with pointing the browser to address:port.
BUT if i set the browser to auto-discovery then also HTTP is not working.

pfSense 2.2
squid3 3.4.10_2 pkg 0.2.6

KOM

Do you run IPv6?

MrGlasspoole

IPv6 is none in LAN and WAN.

And the output of ps aux | grep "light" is:

root    17216   0.0  0.3  50796   5888  -  S    12Feb15     0:25.97 /usr/local/sbin/lighttpd -f /var/etc/
root    89081   0.0  0.2  40392   4416  -  S    12Feb15     0:21.07 /usr/local/sbin/lighttpd -f /var/etc/
root    94646   0.0  1.5 232612  31596  -  I    10:10AM     0:00.22 php-fpm: pool lighty (php-fpm)
root    49032   0.0  0.1  18884   2356  0  S+   10:13AM     0:00.00 grep light

As i said i use the vHost package to host the wpad that i can run the WebGUI over HTTPS
but don't need a certificate for the wpad.

Tomorrow when i have time i will make some tests step by step with checking the logs after every step.
But today i have a date and no time ;-)

KOM

Good luck on your date 8) :-*

MrGlasspoole

Ok time to get it working.

Blocking https and using the proxy does not work.
This is what happens if the browser is set to the proxy and http and https are blocked in Firewall > Rules > LAN:
http = YES working
https = NO does not work

KOM

You have it set to standard mode (not transparent)? You do NOT have it set to intercept SSL? You have a wpad.dat file accessible via an HTTP server that can be found by a DNS lookup of wpad.yourdomain?

MrGlasspoole

I'm just looking to get https working if i block it in the firewall without looking a the wpad (proxy ip/port manually set in the browser).

Transparent HTTP proxy = unchecked
HTTPS/SSL interception = unchecked

See attachment…

![Proxy server- General settings.png](/public/imported_attachments/1/Proxy server- General settings.png)
![Proxy server- General settings.png_thumb](/public/imported_attachments/1/Proxy server- General settings.png_thumb)
![Firewall- Rules.png](/public/imported_attachments/1/Firewall- Rules.png)
![Firewall- Rules.png_thumb](/public/imported_attachments/1/Firewall- Rules.png_thumb)

KOM

Your settings look good but I notice that squidGuard is in the mix. OK, sometimes these weird issues with squid can be fixed with a reboot, so I would do that first. Next, I would look at /var/log/squid/access.log and see what's happening. Also look at cache.log for any obvious errors. Lastly, I would get rid of squidGuard to make sure it isn't interfering. Mare sure when you're testing to do a force refresh with ctrl-F5 or whatever your browser uses.

MrGlasspoole

Ok I first deleted the logs to get fresh ones and restarted.
After blocking 80/443 and accessing one http and one https site i get this:
/var/squid/logs/access.log

1430081870.198    476 192.168.0.70 TCP_MISS/200 18530 GET http://winfuture.de/ - HIER_DIRECT/212.53.132.4 text/html
1430081870.327     72 192.168.0.70 TCP_MISS/200 8032 GET http://i.wfcdn.de/teaser/328/6945.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.336     73 192.168.0.70 TCP_MISS/200 5999 GET http://i.wfcdn.de/teaser/128/15219.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.341     78 192.168.0.70 TCP_MISS/200 6489 GET http://i.wfcdn.de/teaser/128/65.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.341     76 192.168.0.70 TCP_MISS/200 5749 GET http://i.wfcdn.de/teaser/128/415.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.344     64 192.168.0.70 TCP_MISS/200 2756 GET http://i.wfcdn.de/videos/128/14406.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.344     88 192.168.0.70 TCP_MISS/200 5272 GET http://i.wfcdn.de/teaser/128/12165.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.347     56 192.168.0.70 TCP_MISS/200 6398 GET http://i.wfcdn.de/teaser/210/15205.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.351     72 192.168.0.70 TCP_MISS/200 2607 GET http://i.wfcdn.de/videos/128/14411.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.351     58 192.168.0.70 TCP_MISS/200 8325 GET http://i.wfcdn.de/teaser/210/14525.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.571    310 192.168.0.70 TCP_MISS/200 2831 GET http://i.wfcdn.de/teaser/128/454.1.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.573    315 192.168.0.70 TCP_MISS/200 3785 GET http://i.wfcdn.de/teaser/128/14997.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081870.577     61 192.168.0.70 TCP_MISS/200 536 GET http://winfuture.de/ajax/now? - HIER_DIRECT/212.53.132.4 application/json
1430081873.324   3029 192.168.0.70 TCP_MISS/200 8941 GET http://i.wfcdn.de/teaser/210/15209.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
1430081873.355   3057 192.168.0.70 TCP_MISS/200 14746 GET http://i.wfcdn.de/teaser/210/15196.png - HIER_DIRECT/162.159.246.58 image/png
1430081873.417   3122 192.168.0.70 TCP_MISS/200 23704 GET http://videos.winfuture.de/14408.jpg - HIER_DIRECT/212.53.132.3 image/jpeg
1430081883.494     51 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/1/6801 - HIER_DIRECT/212.53.132.4 text/html
1430081893.581     69 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/2/5891 - HIER_DIRECT/212.53.132.4 text/html
1430081894.166     25 192.168.0.70 TCP_MISS/200 1460 GET http://i.wfcdn.de/5/favicon.ico - HIER_DIRECT/162.159.246.58 image/x-icon
1430081903.665     60 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/3/2270 - HIER_DIRECT/212.53.132.4 text/html
1430081913.751     68 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/4/0245 - HIER_DIRECT/212.53.132.4 text/html
1430081923.810     45 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/5/2352 - HIER_DIRECT/212.53.132.4 text/html
1430081933.875     53 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/6/8629 - HIER_DIRECT/212.53.132.4 text/html
1430081943.944     57 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/7/9718 - HIER_DIRECT/212.53.132.4 text/html

/var/squid/logs/cache.log

2015/04/26 22:57:14 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1...
2015-04-26 22:57:14 [26308] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
2015-04-26 22:57:14 [26308] New setting: logdir: /var/squidGuard/log
2015-04-26 22:57:14 [26308] New setting: dbhome: /var/db/squidGuard
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_ads/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_ads/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_blasphemy/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_chanology/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_chanology/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_cp/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_cp/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_dating/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_dating/domains.db
2015-04-26 22:57:14 [24879] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
2015-04-26 22:57:14 [24879] New setting: logdir: /var/squidGuard/log
2015-04-26 22:57:14 [24879] New setting: dbhome: /var/db/squidGuard
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_ads/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_ads/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_blasphemy/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_chanology/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_chanology/domains.db
2015-04-26 22:57:14 [26572] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_cp/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_cp/domains.db
2015-04-26 22:57:14 [26572] New setting: logdir: /var/squidGuard/log
2015-04-26 22:57:14 [26572] New setting: dbhome: /var/db/squidGuard
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_ads/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_ads/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_dating/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_dating/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_dyn/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_dyn/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_file/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_file/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_freeWeb/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_gambling/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_gambling/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_gaming/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_gaming/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_image/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_image/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_malicious/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_malicious/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_pharmaRX/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_blasphemy/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_chanology/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_chanology/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_cp/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_cp/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_dating/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_dating/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_dyn/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_dyn/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_file/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_file/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_dyn/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_dyn/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_file/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_file/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_freeWeb/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_gambling/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_gambling/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_gaming/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_gaming/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_piracy/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_piracy/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_porn/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_porn/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_prime/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_prime/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_proxies/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_proxies/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_freeWeb/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_gambling/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_gambling/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_gaming/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_gaming/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_image/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_image/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_malicious/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_malicious/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_smedia/domains
2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_smedia/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_pharmaRX/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_piracy/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_piracy/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_porn/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_porn/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_prime/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_prime/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_proxies/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_proxies/domains.db
2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_smedia/domains
2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_smedia/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_image/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_image/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_malicious/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_malicious/domains.db
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_pharmaRX/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db
2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_tlds_new/domains
2015-04-26 22:57:14 [24666] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
2015-04-26 22:57:14 [27008] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_piracy/domains
2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_piracy/domains.db
2015-04-26 22:57:14 [24666] New setting: logdir: /var/squidGuard/log
2015-04-26 22:57:14 [24666] New setting: dbhome: /var/db/squidGuard

/var/squidGuard/log/squidGuard.log

2015-04-26 22:57:14 [24666] squidGuard 1.4 started (1430081834.410)
2015-04-26 22:57:14 [24666] squidGuard ready for requests (1430081834.439)
2015-04-26 22:57:14 [24879] squidGuard 1.4 started (1430081834.368)
2015-04-26 22:57:14 [24879] squidGuard ready for requests (1430081834.441)
2015-04-26 22:57:14 [26572] squidGuard 1.4 started (1430081834.370)
2015-04-26 22:57:14 [26572] squidGuard ready for requests (1430081834.444)
2015-04-26 22:57:14 [26308] squidGuard 1.4 started (1430081834.361)
2015-04-26 22:57:14 [26308] squidGuard ready for requests (1430081834.451)
2015-04-26 22:57:14 [25549] squidGuard 1.4 started (1430081834.462)
2015-04-26 22:57:14 [25549] squidGuard ready for requests (1430081834.473)
2015-04-26 22:57:14 [27008] squidGuard 1.4 started (1430081834.415)
2015-04-26 22:57:14 [27008] squidGuard ready for requests (1430081834.482)
2015-04-26 22:57:14 [28268] squidGuard 1.4 started (1430081834.462)
2015-04-26 22:57:14 [28268] squidGuard ready for requests (1430081834.489)
2015-04-26 22:57:14 [24592] squidGuard 1.4 started (1430081834.450)
2015-04-26 22:57:14 [24592] squidGuard ready for requests (1430081834.491)
2015-04-26 22:57:15 [24592] squidGuard stopped (1430081835.986)
2015-04-26 22:57:15 [25549] squidGuard stopped (1430081835.986)
2015-04-26 22:57:15 [26308] squidGuard stopped (1430081835.986)
2015-04-26 22:57:15 [28268] squidGuard stopped (1430081835.987)
2015-04-26 22:57:15 [24666] squidGuard stopped (1430081835.988)
2015-04-26 22:57:15 [24879] squidGuard stopped (1430081835.988)
2015-04-26 22:57:15 [26572] squidGuard stopped (1430081835.988)
2015-04-26 22:57:15 [27008] squidGuard stopped (1430081835.988)
2015-04-26 22:57:16 [60436] squidGuard 1.4 started (1430081836.432)
2015-04-26 22:57:16 [60436] squidGuard ready for requests (1430081836.447)
2015-04-26 22:57:16 [60750] squidGuard 1.4 started (1430081836.466)
2015-04-26 22:57:16 [60750] squidGuard ready for requests (1430081836.480)
2015-04-26 22:57:16 [62581] squidGuard 1.4 started (1430081836.476)
2015-04-26 22:57:16 [62581] squidGuard ready for requests (1430081836.487)
2015-04-26 22:57:16 [60430] squidGuard 1.4 started (1430081836.466)
2015-04-26 22:57:16 [60430] squidGuard ready for requests (1430081836.497)
2015-04-26 22:57:16 [61883] squidGuard 1.4 started (1430081836.483)
2015-04-26 22:57:16 [61883] squidGuard ready for requests (1430081836.498)
2015-04-26 22:57:16 [63879] squidGuard 1.4 started (1430081836.501)
2015-04-26 22:57:16 [63879] squidGuard ready for requests (1430081836.517)
2015-04-26 22:57:16 [61344] squidGuard 1.4 started (1430081836.502)
2015-04-26 22:57:16 [61344] squidGuard ready for requests (1430081836.519)
2015-04-26 22:57:16 [63184] squidGuard 1.4 started (1430081836.507)
2015-04-26 22:57:16 [63184] squidGuard ready for requests (1430081836.521)

I did shorten the cache.log because:

/usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
New setting: logdir: /var/squidGuard/log
New setting: dbhome: /var/db/squidGuard

is repeated multiple times?

And no https shows up in the log.

Also find out that if i block port 80 that i can't access my wpad.dat

http://wpad.mydomain.net/wpad.dat

chris4916

@MrGlasspoole:

Also find out that if i block port 80 that i can't access my wpad.dat
http://wpad.mydomain.net/wpad.dat

Pretty obvious ;)
You must have some granularity and control in the way you allow or block prtocols, especially if you have services running at FW level (like HTTP server)
This can be easily achieved, e.g. by adding rule before the one denying access so that access to FW on port 80 (in order to access wpad.dat) is authorized.

KOM

/usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log

Why is this happening? Are you out of disk space?

Start small and build up. Get WPAD and just Squid working, then move on to squidGuard.

MrGlasspoole

@chris4916:

Pretty obvious ;)

Not to me cause i thought the FW just blocks stuff going out to the Internet (WAN)

@chris4916:

This can be easily achieve, e.g. by adding rule before the one denying access so that access to FW on port 80 (in order to access wpad.dat) is authorized.

Can you explain what to do?
You can see my settings in the attachment above.
If my thoughts are right to i need to put port 80 to the Anti-Lockout Rule?

@KOM:

/usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log

Why is this happening? Are you out of disk space?

No "ufs: 23% of 18G"

It already was pain to get it running: https://forum.pfsense.org/index.php?topic=87591.0
Is there a way to temporarily disable squidGuard?

KOM

Is there a way to temporarily disable squidGuard?

Uncheck the Enable box?